*urgh* thats why things go terribly wrong.
Security by obscurity isn't save, wasnt and will never be, if you just dont
want the LogEntrys, exclude it from your Syslog.
if you want to secure your SSH Service, try following steps:
- if possible, use a seperate LAN (MGMT) and bind
your Service to this LAN only.
if theres no physical seperated LAN, build a
virtual seperated LAN (IPSec, ...)
- disable the weakest Authentication (Password)
- enforce your Authentication (RSA Keys) by
limiting the usage (man sshd, look for from=)
- enforce better policy in SSHD config, limit
retrys, ... for my understanding it doesnt
make sence to lockout root. there are enought
exploits to gain root access anyway.
- if you still want to limit the IP/TCP access to
SSH Service, do it on your Router infront of
the Machine.
there are no 15 bricks to stumble over for allowed access, its transparent for
upgrades, and its even more secure as theres no forgotten dependency.
my 5 cents
Greetz mIke
