(Xpost) Hi there,
as most of you will agree, it makes sense to have particular services of your skolelinux system available remotely: - ssh for administration - ssh for sftp - ssh for NX Even though, we don't use a fix IP, today we had a visitor via ssh who cracked a users password by bruteforce (this pupil happened to be in some weird IRC channel). This makes me think. As long we can't make sure all pupils' / teachers' passwords are safe, we rather should not allow ssh to them (as they don't use it for now, anyway). But in order to give teachers the opportunity to work from home, we will need some way to assure secure access. What solutions did you choose? Something like portscanblocking and hidden (unusual) port could be an option. I have to add, that port 22 is forwarded by our firewall to ltsp "only", hence, tjener itself is relatively secure. Our "guest" critisized that /boot was readable to him (he was goodwilled). Thanks for sharing your experience, regards, Ralf. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
