SSH Access Issues
jdow
jdow at earthlink.net
Sat Oct 11 21:24:56 UTC 2008
From: "Wolfgang S. Rupprecht" <wolfgang.rupprecht+gnus200810 at gmail.com>
Sent: Wednesday, 2008, October 08 09:54
>
> Jonathan Allen <jonathan at barumtrading.co.uk> writes:
>> PasswordAuthentication yes
>> ChallengeResponseAuthentication no
>> UsePAM yes
>> X11Forwarding yes
>
> Check your file permissions. All the files leading up to your
> authorized_keys file need to be "go-w".
>
> You might want to google for "sshd config" without the quotes. In
> particular "PasswordAuthentication yes" and "UsePAM yes" are a bad
> idea. I'm surprised that sshd still allows that given the level of
> sshd password guessing going on.
It's possible to configure a firewall to give one shot every three minutes
to logging in via ssh.
How long do you think it would take to guess "12345678" as a password
at one try every three seconds? (Or for the real paranoids one try
every three minutes.)
{^_-}
More information about the fedora-list
mailing list