Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the '10.4: Disable ssh password login under Tiger' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
10.4: Disable ssh password login under Tiger
Authored by: squawky on Aug 19, '05 05:44:18PM
I'm not so sure about changing the port -- the logs on my G5 at work showed repeated attempts to ssh using random ports as well as random usernames. Even if the script used the wrong port, the syslog still recorded hundreds of attempts to ssh in.

The only solution I could come up with was to use tcpwrappers: deny ssh access to any IP that is not part of the domain at work, or part of the domain my ISP uses. That reduced the hundreds attempts to the occasional "sshd access denied to (random ip)" note. (Plus the strong passwords and disabled root access, etc. etc.)

Not the best solution, since I have to ssh into a work machine and then into the G5 if I'm away from home (to edit the /etc/hosts.allow file, at the very least) -- but it seems to work.

[ Reply to This | # ]