If this hasn't been mentioned already, disable password logins in sshd_config and require RSA authentication only.
I do this on all hosts I administer that are internet accessible and it allows me to confidently ignore all of the password guessing attacks, resulting in peace of mind. Darren RSAAuthentication yes PubkeyAuthentication yes PasswordAuthentication no ChallengeResponseAuthentication no _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
