ssh alternatives

Steven Jones Steven.Jones at vuw.ac.nz
Wed Sep 21 04:26:56 UTC 2005


We run ssh on a non-standard port and have no issues with scripts....

Anyway options we use,

1) Non-standard ssh port

2) IPtables ruleset to limit ssh connections from known subnets or IPs.

3) Add config to sshd_config to only allow ssh connection from certain
users,

E.g.,

AllowUsers me you

Tcpwrappers is also an option.

We also run iptables to block on other ports, e.g. 80, to our class B

Regards

Thing
 

-----Original Message-----
From: Greg Golin [mailto:greg.golin at gmail.com] 
Sent: Wednesday, 21 September 2005 3:46 p.m.
To: redhat-list at redhat.com
Subject: ssh alternatives

Following a discussion on slashdot I would like to ask this list's
opinion on providing remote access in general and ssh vs other
solutions in particular.

So here's the deal. I know most of sshd brute force attempts shall be
thwarted by running the daemon on a different port. However, many
existing scripts -- too many to change all of them -- rely on default
ssh configuration. At the same time, my devs require constant remote
access to the servers.

I am currently considering disabling ssh on external interfaces and
installing openswan.

What is your opinion on this issue?

Thanks.
G

-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
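
Added example, not part of either message: a shell check that a host has the three layers listed in the reply (non-standard port, source-restricted iptables rules, AllowUsers). Port 2222, subnet 192.0.2.0/24 and both sample inputs are constructed assumptions, and the function names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example (not from the thread). Port 2222 and 192.0.2.0/24 are
# assumed values; both inputs below are constructed samples.
SAMPLE_SSHD_CONFIG='Port 2222
AllowUsers me you'
SAMPLE_IPTABLES='*filter
:INPUT ACCEPT [0:0]
-A INPUT -s 192.0.2.0/24 -p tcp -m tcp --dport 2222 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 2222 -j DROP
COMMIT'

# Ports sshd listens on: every Port line, or 22 when none is set.
sshd_ports() {
  printf '%s\n' "$1" | awk 'tolower($1) == "port" { print $2; n++ }
                            END { if (!n) print 22 }'
}

# Names on AllowUsers lines (keyword is case-insensitive, may repeat).
sshd_allow_users() {
  printf '%s\n' "$1" | awk 'tolower($1) == "allowusers" {
    for (i = 2; i <= NF; i++) print $i }'
}

# True when INPUT rules naming the port accept only with a source match (-s)
# and everything else is dropped by a rule or the chain policy.
# Rule order and rules that do not name the port are not evaluated.
port_source_limited() {
  printf '%s\n' "$1" | awk -v p="$2" '
    /^:INPUT /  { policy = $2 }
    /^-A INPUT / && $0 ~ ("--dport " p "( |$)") {
      if ($0 ~ /-j ACCEPT/ && $0 !~ / -s /) any_accept = 1
      if ($0 ~ /-j (DROP|REJECT)/ && $0 !~ / -s /) blocked = 1
    }
    END { exit !(!any_accept && (blocked || policy == "DROP")) }'
}

# audit <sshd_config text> <iptables-save text>: prints findings,
# returns the number of missing layers (0 = all three present).
audit() {
  local fails=0 port
  for port in $(sshd_ports "$1"); do
    if [ "$port" = 22 ]; then echo "FAIL: sshd on default port 22"; fails=$((fails + 1)); fi
    if ! port_source_limited "$2" "$port"; then
      echo "FAIL: port $port reachable from any source"; fails=$((fails + 1)); fi
  done
  if [ -z "$(sshd_allow_users "$1")" ]; then echo "FAIL: no AllowUsers line"; fails=$((fails + 1)); fi
  return "$fails"
}

if audit "$SAMPLE_SSHD_CONFIG" "$SAMPLE_IPTABLES"; then echo "OK: all three layers present"; fi
```

On a live host the two arguments would come from the sshd configuration file and from `iptables-save`; Match blocks in sshd_config are not interpreted by this check.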