On 9 March 2012 11:52, Jason Pickering <[email protected]> wrote: >> >> I'd use HTTPS/SSL for web access and definitely use SSH (preferably using >> both certificates and passwords) for server access (for people administering >> the linux installations). >> > > SSH is a must. I would also move it to a non-standard port, and > disable remote access with passwords, and disable the root user from > being able to login over SSH. You will still get a lot of bot attacks, > but using certificates (with a password) will greatly increase the > security of the server.
what certificates? I just use my public and private key combination ie. copy my public key into ~/ssh/authorized_keys on the server. Disabling remote access with passwords is really important, but sometimes it takes a bit of time getting people used to using keys. Worth the effort though. Don't lose the keys. > > _______________________________________________ > Mailing list: https://launchpad.net/~dhis2-users > Post to : [email protected] > Unsubscribe : https://launchpad.net/~dhis2-users > More help : https://help.launchpad.net/ListHelp _______________________________________________ Mailing list: https://launchpad.net/~dhis2-users Post to : [email protected] Unsubscribe : https://launchpad.net/~dhis2-users More help : https://help.launchpad.net/ListHelp
