Just wanted to add a couple of things to your list (and thanks for sharing your experiences, btw).
1)Password should be strong. > 2)Allow ssh from known ips only. This is often not practical - esp. when you need to access your machine from anywhere in the world. 2.1. If possible, run ssh on a non-standard port. Or have your router/firewall redirect a non-standard port to 22. I've found a lot of traffic sniffing my port 22 in my logs. 2.2. If at all possible always use a keypair for ssh access. Especially on a publicly visible network. 3)Have to take bare metal backup after installing the system , for quick > restore > 4)Install and monitor any intrusion detection system > 4.1. Have your system email you every time someone SSH's into your system. 5. Never have ssh allow root logins. And we all make these mistakes. It's just gutsy of you to admit it :) _______________________________________________ To unsubscribe, email [EMAIL PROTECTED] with "unsubscribe <password> <address>" in the subject or body of the message. http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
