W dniu 08.11.2009 10:57, Martin Waschbuesch pisze:
Hi all,
As promised, I added the steps I took to make the toaster a little
more secure to the user tips&tricks section. I am rather unfamiliar
with the wiki editing, so please feel free to reformat to make it
'blend in' ;)
Martin
About http://wiki.qmailtoaster.com/index.php/User_Tips_%26_Tricks#SSH
It not hardening system. :(
Someone can use dictionary attack on urdinary user account, then after
logging as user tried to login as super user (sudo, su or by kernel bug).
I prefer:
#Protocol 2,1
Protocol 2
PasswordAuthentication no
Only version 2 ssh protocol and no way to login by password, I permit
root login. File ~/.ssh/authorized_users determines who physically can
login. In this file are public keys of authorized to login on this (i.e.
root) account. It's more secure. :)
Installation of ossec can improve the security of server to.
--
Pozdrawiam / Regards,
Aleksander Podsiadły
mail: a...@westside.kielce.pl
jid: a...@jabber.westside.kielce.pl
ICQ: 201121279
gg: 9150578
---------------------------------------------------------------------------------
Qmailtoaster is sponsored by Vickers Consulting Group
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
If you need professional help with your setup, contact them today!
---------------------------------------------------------------------------------
Please visit qmailtoaster.com for the latest news, updates, and packages.
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com