On Tue, 10 Aug 2004 20:52, Dale E Martin <[EMAIL PROTECTED]> wrote: > I've noticed a fair number of attempted root logins on my various boxes
Same here. Also attempted logins to "test", "admin", and some other accounts. > over the last few weeks. I don't know if there is a new ssh vulnerability > (that thus far appears to be ineffective with my config) or if they are > attempting one of the old ones... It appears to be just password guessing. > Anyways, I would like to disable password logins for root on several of my > boxes but allow root to come in from known IPs and with known ssh keys. Is > there a way to disable password logins for root in sshd_config or > root/.ssh/config, while leaving password logins intact for regular users? Ideally we would be able to specify a list of acceptable IP addresses for each account, both in a central file and in per-user config files. It would be really great if someone would write code to do this! Of course this wouldn't necessarily cover you against a bug in sshd... -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
