[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: SSHd



Arjan van de Ven wrote:
> On Wed, 2006-08-23 at 13:21 +0200, Trond Eivind Glomsrød wrote:
>>
>>
>> On 8/21/06, Bill Nottingham <notting redhat com> wrote:
>>         Matthew Miller (mattdm mattdm org) said:
>>
>>         > But really, it seems like the "can't get to a shell
>>         during/after an install"
>>         > can leave you stuck in a number of cases, not just this
>>         one....
>>
>>         It's just that realistically, changing this would essentially
>>         mean
>>         "any headless machine will not be able to be logged into
>>         without kickstart
>>         machinations". I don't think that's an improvement.
>>
>> Agreed. Remote login is very useful to finish an install - or if other
>> mechanisms that normally do work don't.
>>
>>
>> The problem, that some bots try and try and try again on the ssh root
>> account, would best be dealth with with a default configuration that
>> blocks an IP for some time if enough unsuccessful attempts are made.
>
> installing denyhosts by default sounds reasonable ;)

+1

denyhost is one of the first packages that I install on all my Linux based
servers.

Michael


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]