On Tue, Jun 05, 2007 at 07:24:07PM +1000, Voytek Eymont wrote:
>
> On Tue, June 5, 2007 5:04 pm, Zhasper wrote:
> > On 05/06/07, Glen Turner <[EMAIL PROTECTED]> wrote:
> >> On Tue, 2007-06-05 at 12:02 +1000, Zhasper wrote:
>
> >> 10% of users will choose a poor password. Better to get ssh to
> >> insist on a public key, and then call login so it can ask for their
> >> password too.
> >
> > Yes.. but I'd made an assumption that Voytek doesn't have any users on
> > his machine.
> >
> > I should have stated that assumption though..

I have something like this set up in iptables

# $WANADSL, $WANCABLE, $IPT and $FNC are variables from the poster's script
# and are not defined in this message.
iptables -t filter --new-chain SSH
iptables -t filter -A INPUT -i $WANADSL -p tcp --dport 22 -j SSH
iptables -t filter -A INPUT -i $WANCABLE -p tcp --dport 22 -j SSH
# SSH
iptables -t filter -A SSH -m recent --set --name SSH
$IPT -t filter $FNC SSH -m recent --name SSH ! --rcheck --seconds 60 --hitcount 4 -j RETURN
# Well, the NEW connection has been seen so let's update the SSH recent list.
iptables -t filter -A SSH -m recent --name SSH --update
iptables -t filter -A SSH -j ULOG --ulog-nlgroup 1 --ulog-prefix 'sydrt01 S ' --ulog-cprange 0 --ulog-qthreshold 1
iptables -t filter -A SSH -j DROP

to try and slow down ssh scans

and

PermitRootLogin without-password

so I can still ssh in as root, but only with a key, no password.

> Zhasper,
>
> your assumption was correct; I should've stated it though;
> no users except for me have shell access, only ftp
>
> thanks to everyone for all the suggestions
>
> --
> Voytek
>
> --
> SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
> Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
>
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
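
Added example, not part of the original message: a simplified Python model of how the SSH chain posted above treats a sequence of connection attempts, using the 60-second / 4-hit values from the message. It assumes only new connection attempts reach the chain and that $FNC appends the rule in the order shown; `simulate`, `SAMPLE` and the addresses are constructed for illustration.

```python
from collections import deque

SECONDS, HITCOUNT = 60, 4   # values from the posted --rcheck rule
PKT_LIST_TOT = 20           # xt_recent default: timestamps kept per address

def simulate(arrivals):
    """arrivals: time-ordered (seconds, source_ip) pairs for TCP/22 attempts.
    Returns one verdict per attempt: 'RETURN' (handed back to INPUT) or 'DROP'."""
    recent = {}             # models the recent list named SSH
    verdicts = []
    for now, src in arrivals:
        stamps = recent.setdefault(src, deque(maxlen=PKT_LIST_TOT))
        stamps.append(now)                          # rule 1: --set
        hits = sum(1 for t in stamps if now - t <= SECONDS)
        if hits < HITCOUNT:                         # rule 2: ! --rcheck ... -j RETURN
            verdicts.append("RETURN")
            continue
        stamps.append(now)                          # rule 3: --update adds a second stamp
        verdicts.append("DROP")                     # rules 4-5: ULOG, then DROP
    return verdicts

# Constructed sample: S sends a burst and keeps retrying, A is an occasional login.
S, A = "203.0.113.5", "198.51.100.7"
SAMPLE = [(0, S), (1, S), (2, S), (3, S), (10, A),
          (28, S), (40, A), (53, S), (200, S)]

if __name__ == "__main__":
    for (t, src), verdict in zip(SAMPLE, simulate(SAMPLE)):
        print(f"t={t:>3}s  {src:<13} {verdict}")
```

Because the --update rule records a second timestamp for every dropped attempt, a source that keeps retrying while blocked stays over the threshold; it is handed back to INPUT again only after it has been quiet long enough for the window to empty.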
