> i would like to know if sshd is really secure as long as nobody who > shouldn't has the correct username and password.
It is as secure as long as a) your passwords cannot be cracked and b) you run the lastest version of sshd. That given, there's haxor scripts out there that attempt to hit sshd looking for known vulnerabilities and you'll often see a lot of these messages in the log. My own local solution was to move sshd to an unknown, unprivileged port. It adds another level of obscurity and, as the known user, you just need to remember the port and the login information. End result: You'll still be able to ssh in but the log messages will go away. -- [email protected] mailing list
