 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
Ward Vandewege wrote: > Better yet; disallow direct (root) logins with passwords. Only allow them with > keys. This is excellent advice. In fact, if this this is a home system, you're probably better off to set the defaults such that no one can log in via sshd, then specifically allow certain (real) users. You should *never* need root to log in directly. This forces them to guess *both* a username and a password, and with no indication as to whether a username is valid or not, it becomes *very* difficult to brute force. Note that the script kiddies will try not only the username 'root', but also 'apache', 'httpd', 'ftp', etc. --Matt
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
