Re: securing sshd

2010-03-21 Thread Erik Norgaard
On 21/03/10 02:27, Peter wrote: On the same line, portknocking with pf: Port knocking suck: If you have to knock a single time on the secret port you might just have no added security at all, could be that the port scanner first knocked on the secret port then on the ssh port. If you have

Re: securing sshd

2010-03-20 Thread Peter
> Jamie Griffin writes: > >> Hello >> >> I've been reading up on securing sshd after being bombarded with >> attempted logins. >> >> The steps i've taken so far to make things more secure are: >> >> * changed the encryption met

Re: securing sshd

2010-03-20 Thread Jamie Griffin
> In that case, the best thing you can do is figure out the IP ranges of > either location. Definately a good idea, thanks Eric. > Btw. I found two articles on securityfocus.com, the first is analysis > using a honeypot, as you see these attacks are pretty lame: > http://www.symantec.com

Re: securing sshd

2010-03-20 Thread Erik Norgaard
On 20/03/10 18:23, Jamie Griffin wrote: The reason I went with that decision is because I only expect to be logging in to the server from two locations: at home or from a computer at my university In that case, the best thing you can do is figure out the IP ranges of either location. Check

Re: securing sshd

2010-03-20 Thread Jamie Griffin
I think on reflection I might have been a little over the top with blocking password logins and I think the point about carrying a key on a usb stick, etc, is a very good one. The reason I went with that decision is because I only expect to be logging in to the server from two locations: at hom

Re: securing sshd

2010-03-20 Thread Leonidas Tsampros
Jamie Griffin writes: > Hello > > I've been reading up on securing sshd after being bombarded with attempted > logins. > > The steps i've taken so far to make things more secure are: > > * changed the encryption method for passwords in /etc/login.conf from

Re: securing sshd

2010-03-20 Thread Erik Norgaard
On 20/03/10 17:14, Jerry wrote: Seriously, disabling password log-ins and using key authentication is extremely secure. Do make sure that you password protect your keys however. In any event, if you laptop or whatever is stolen, you have more than just one problem to contend with anyway. I don

Re: securing sshd

2010-03-20 Thread Elias Chrysocheris
On Saturday 20 of March 2010 18:14:17 Jerry wrote: > On Sat, 20 Mar 2010 16:32:28 +0100 > > Erik Norgaard articulated: > > > * Disabled password logins completely, and to only allow public key > > > authentication > > > > This seems good for security, but not always practical. Now you have > > to

Re: securing sshd

2010-03-20 Thread Jerry
On Sat, 20 Mar 2010 16:32:28 +0100 Erik Norgaard articulated: > > * Disabled password logins completely, and to only allow public key > > authentication > > This seems good for security, but not always practical. Now you have > to walk around with a USB or have keys on your laptop and if you >

Re: securing sshd

2010-03-20 Thread Erik Norgaard
On 20/03/10 14:18, Jamie Griffin wrote: I've been reading up on securing sshd after being bombarded with attempted logins. Hi! First step to ssh security is: Don't panic! Take your time to read the logs and understand what's going on. So, you've got bombarded with login

securing sshd

2010-03-20 Thread Jamie Griffin
Hello I've been reading up on securing sshd after being bombarded with attempted logins. The steps i've taken so far to make things more secure are: * changed the encryption method for passwords in /etc/login.conf from md5 to blowfish and changed all the passwords to ridiculous