Antonio Coralles wrote:
>I'm running sshd on my personal computer to be able to log in from
>different machines. To tighten security without disabling pam i've
>created a user which is not in groop weel, and configured ssh to accept
>logins for this user only. By the way all passwords on my system are
>well choosen and should be invulnerable to dictonary attacs.
>
>As # cat /var/log/sshd/current normaly looks something like
>
> Apr 21 15:17:26 [sshd] Did not receive identification string from
>211.20.75.83
>Apr 21 18:05:16 [sshd] Invalid user test from 213.244.22.178
>Apr 21 18:05:16 [sshd] reverse mapping checking getaddrinfo for
>reverse.completel.net failed - POSSIBLE BREAKIN ATTEMPT!
>Apr 21 18:05:16 [sshd] User guest not allowed because shell /dev/null is
>not executable
>Apr 21 18:05:16 [sshd] reverse mapping checking getaddrinfo for
>reverse.completel.net failed - POSSIBLE BREAKIN ATTEMPT!
>Apr 21 18:05:17 [sshd] Invalid user admin from 213.244.22.178
>Apr 21 18:05:17 [sshd] reverse mapping checking getaddrinfo for
>reverse.completel.net failed - POSSIBLE BREAKIN ATTEMPT!
>Apr 21 18:05:17 [sshd] Invalid user admin from 213.244.22.178
>Apr 21 18:05:17 [sshd] reverse mapping checking getaddrinfo for
>reverse.completel.net failed - POSSIBLE BREAKIN ATTEMPT!
>Apr 21 18:05:18 [sshd] Invalid user user from 213.244.22.178
>Apr 21 18:05:18 [sshd] reverse mapping checking getaddrinfo for
>reverse.completel.net failed - POSSIBLE BREAKIN ATTEMPT!
> - Last output repeated twice -
>Apr 21 18:05:18 [sshd] User root not allowed because not listed in
>AllowUsers
>Apr 21 18:05:19 [sshd] reverse mapping checking getaddrinfo for
>reverse.completel.net failed - POSSIBLE BREAKIN ATTEMPT!
>Apr 21 18:05:19 [sshd] User root not allowed because not listed in
>AllowUsers
>Apr 21 18:05:20 [sshd] reverse mapping checking getaddrinfo for
>reverse.completel.net failed - POSSIBLE BREAKIN ATTEMPT!
>Apr 21 18:05:20 [sshd] User root not allowed because not listed in
>AllowUsers
>Apr 21 18:05:20 [sshd] Invalid user test from 213.244.22.178
>Apr 21 18:05:20 [sshd] reverse mapping checking getaddrinfo for
>reverse.completel.net failed - POSSIBLE BREAKIN ATTEMPT!
>Apr 21 19:02:44 [sshd] Did not receive identification string from
>62.193.229.154
>
>i would like to know if sshd is really secure as long as nobody who
>shouldn't has the correct username and password.
>
>thanks
>antonio
>
>
Hi Antonio,
Think this is more secure than the default setup, but it'll be better to
try public-key auth.
Generally speaking this is an auth with a public/private keys. Just edit
your /etc/sshd_config, read the comments or google for sample config
(don't have the links right now).
HTH. Rumen
--
gentoo-user@gentoo.org mailing list
