On Thu, May 05, 2011 at 03:46:27PM -0700, cac...@quantum-sci.com wrote: > On Thursday 5 May, 2011 15:09:02 Brian wrote: > > Use a strong password or ssh keys for access to the server. The question > > is whether you trust the machine you use at work. > > OK, say you -don't- trust your machine at work. Workarounds? > You could run Debian Live on a USB stick (or any other live distro, really). Boot your work machine with that, and you will have a trusted machine. Use that to ssh to your home machine.
And follow the advice that others have already given you. Specifically, disallow password authentication. That is a biggie. Even if you have a strong password, others on your home machine may not. As already said, you can use AllowUsers in sshd_config to allow only specific users to have ssh access. I hesitate to mention this, because it will start an argument about security through obscurity, but you can run your ssh server on a port other than 22. It really does nothing for security, but it will keep your firewall logs a lot cleaner because it avoids pesky scripts that circulate the internet, trying to brute force ssh servers. -Rob -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110506005412.gd17...@aurora.owens.net
