Kurt Buff wrote:
On Fri, Apr 18, 2008 at 8:59 AM, Matthew Seaman
<[EMAIL PROTECTED]> wrote:
At any rate, locking down ssh access is one of my concerns, for sure,
so this discussion is helpful.
Wouldn't turning off password based logins and using public and private
keys (with a strong password) for ssh logins do the trick? if you limit
yourself based on IP addresses, its inevitable that you will need access
from an IP NOT on your exemption list at some time (like when you are on
vacation, at relatives, etc).
Using keys to authenticate ssh sessions has worked very well for me. if
you are concerned about the brute force attempts (which cant work
without the private key which you put a strong password on), you can use
something like denyhosts to block those hosts from even connecting.
hth
Eric
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
