Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'disable password logins' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
disable password logins
Authored by: ctierney on Jan 24, '07 11:08:56AM
Hello,

After you've confirmed that you can login without a password, you may want to consider disabling password authentication. Sounds counter intuitive, but this will require the use of public/private key pairs. This'll discourage brute force login attemps which has become common. The setting is in /etc/ssh_config and is called PasswordAuthentication. Uncomment that line and change yes to no. Then restart the ssh deamon. Use either kill -s HUP or just turn off remote login in the sharing preferences then turn it back on.

If you're really paranoid, you can also make sshd listen on a non standard port.

--
Cole



[ Reply to This | # ]