Re: openssh concerns

If this hasn't been mentioned already, disable password logins
in sshd_config and require RSA authentication only.

I do this on all hosts I administer that are internet accessible
and it allows me to confidently ignore all of the password
guessing attacks, resulting in peace of mind.


RSAAuthentication yes
PubkeyAuthentication yes
PasswordAuthentication no
ChallengeResponseAuthentication no
freebsd-security@xxxxxxxxxxx mailing list
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"