Questions concerning Security Log
Jeff Vian
jvian10 at charter.net
Thu Apr 7 12:22:38 UTC 2005
On Thu, 2005-04-07 at 11:34 +0300, Dotan Cohen wrote:
> On Apr 7, 2005 10:49 AM, Paul Howarth <paul at city-fan.org> wrote:
> > On Thu, 2005-04-07 at 09:14 +0300, Dotan Cohen wrote:
>
>
> Thanks. I tryed to edit /etc/ssh/sshd_config and found that it is
> either empty or does not exist. In emacs i just get a blank screen. So
> maybe I don't even have ssh on this computer? I did a FC3 desktop
> installation.
The file can only be edited by root.
It is at /etc/ssh/sshd_config, and if you have openssh installed it
should be there.
>
> > 2. Make sure you use strong passwords for *all* accounts.
>
> Check!
>
good
> > 3. Consider turning off password authentication altogether and using
> > certificates instead.
>
> I will look into this. As far as I can see, I would need to purchase a
> certificate? I have never logged into this machine from outside, but I
> would like to leave that option open.
>
> Thanks Paul.
>
> Dotan Cohen
>
An easier way than the certificate would be to use iptables to limit the
addresses allowed to connect to your machine with ssh. Then those
messages will just disappear since the script kiddies can't even touch
the system.
More information about the fedora-list
mailing list