Is it safe to open ssh port to world with only key based authentication?
Mike Klinke
lsomike at futzin.com
Wed Nov 23 14:15:00 UTC 2005
On Wednesday 23 November 2005 02:00, Vijay Gill wrote:
> Recently I started using key based authentication and disabled
> passwords in /etc/ssh/sshd_conf My question is, is it safe to
> open the port 22 in my iptables firewall script?
There's no black and white answer to that. On a scale of 1 to 10
you might want to assign numbers as follows:
1 = unsafe
3 = password authentication enabled
6 = key based authentication only
7 = allowing only certain IP address to access
10 = no access allowed to anyone
Some people are perfectly comfortable using strong passwords and
will consider anything over a '2' to be "safe". Others would only
consider "safe" to be something at '7' or better and I'm certain
you'll hear that '10' is the only sure defense.
Regards, Mike Klinke
More information about the fedora-list
mailing list