Hi,

On Thu, Feb 24, 2011 at 07:25:39AM -0700, Aaron Toponce wrote:
> On Thu, Feb 24, 2011 at 10:18:20AM +0100, Klistvud wrote:
> > 4. The sshd daemon allows root logins by default.
>
> Oh brother. The ssh daemon also allows logins via passwords. I assume
> you think this is less secure as well, as ssh keys should be the
> preferred method. We should also change the port off 22 to something
> like 31867, right?
>
> Security by obscurity my friend. Security by obscurity.

Sometimes, well-thought-out "security by obscurity" may be a good idea. I do not bother disabling root login but I may put "knockd" to prevent chance of DoS attack or brute-force break-ins.

