On Fri, 30 Mar 2007 11:21:19 -0400 Roberto C. Sánchez <[EMAIL PROTECTED]> wrote:
> On Fri, Mar 30, 2007 at 05:17:04PM +0200, Nigel Henry wrote: > > > > Hi Greg. That was an easy fix. Thanks for the very good explanation. > > Everything is crystal clear now. While I was at it I changed the "Allow > > Root > > Login" line from yes to no, as I'd seen on a previous thread that this was > > not a good idea, and "yes" seems to be the default. I can always su to root > > once logged in, if I need to do anything as root. > > > Also, if you know for sure that you will always be accessing the machine > from the same few hosts, you might want to consider disabling password > logins altogether and only allowing public key logins. It is > significantly more secure, since it is impossible for a dictionary > attach to succeed against a server which only allows public key login. You can do this even with unlimited hosts, if you carry your key (encrypted, of course) on a USB flash drive. Celejar
