In the last episode (May 09), [EMAIL PROTECTED] said:
> I would suggest using ssh with RSA key pairs and passphrases only.
> Dont allow password based login or root login over ssh. Only allow
> root to login using the console and use sudo for all admin tasks.
> I have not tried this myself but you could use tcpwrappers and write
> a script to add the IP address from repeated failed messages to the
> hosts.deny file. There are various scripts already written to do
> this. A quick goggle search found this
> (its about
> linux but I am sure the same approach applies to FreeBSD.)

Some more links on securing ssh from password attacks:

        Dan Nelson
_______________________________________________ mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to