Good Morning Folks: I have been doing some reading over the last day or two about a SSH bot attack that is occurring in some places. I will be the first to admit that I have been a bit lax with my ssh security (allowing root logins etc). This problem has inspired me to get things cleaned up, and flying right again. I have already modified my ssh config to prevent root logins via ssh, so that hole is closed. In talking to a friend yesterday, he suggested using key based authentication to further protect my servers, which sounds like a great idea. The problem is that I have no idea how to set it up. A google search turned up the Gentoo pages on keychain, which does not sound exactly like what he was talking about (he mentioned a key carried on a JUMP drive (usb stick))
I am using gentoo (and fedora (soon to be converted) servers) and PUTTY. If someone can offer suggestions, or point me in the right direction, I would be most appreciative. Timothy A. Holmes IT Manager / Network Admin / Web Master / Computer Teacher Medina Christian Academy A Higher Standard... Jeremiah 33:3 Jeremiah 29:11 Esther 4:14 -- gentoo-user@gentoo.org mailing list
