On 31/01/14 17:56, Raffaele Morelli wrote: > 2014-01-31 Scott Ferguson <scott.ferguson.debian.u...@gmail.com > <mailto:scott.ferguson.debian.u...@gmail.com>>: > > On 31/01/14 15:29, Raffaele Morelli wrote: > > > > > > > > 2014-01-30 Brian <a...@cityscape.co.uk > <mailto:a...@cityscape.co.uk> <mailto:a...@cityscape.co.uk > <mailto:a...@cityscape.co.uk>>>: > > > > On Thu 30 Jan 2014 at 18:53:11 +0100, Denis Witt wrote: > > > > > On Tue, 28 Jan 2014 18:42:34 +0000 > > > Brian <a...@cityscape.co.uk <mailto:a...@cityscape.co.uk> > <mailto:a...@cityscape.co.uk <mailto:a...@cityscape.co.uk>>> wrote: > > > > > > > The AllowUsers directive is a legitimate way to restrict ssh > > logins to > > > > certain users. However, I do not see what (ssh keys + > AllowUsers) > > > > brings to the party that (password + AllowUsers) doesn't. > > > <snipped> > > Agree but this is not my point in the thread.
It's not your thread. > It's bad habit to split a comment into little pieces losing the whole point. Absolutely - which is *exactly* what happens when the OP asks about security and discussion devolves into a discussion about SSH. Security requires a *comprehensive* approach involving risk assessment, risk management (distribute the risk) and OpSec. Hence my original suggestion to follow the Debian Security guide which puts SSH into context. Brian "gets it", you don't appear to. <snipped> Kind regards -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/52eb4ea0.4010...@gmail.com
