RE: SSH scans...
From: KEM Hosting (security_at_kemhosting.com)
Date: 12/21/04
- Previous message: Steve Kemp: "Re: SSH scans..."
- In reply to: Steve Kemp: "Re: SSH scans..."
- Next in thread: Michael H. Warfield: "Re: SSH scans..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <INCIDENTS@securityfocus.com> Date: Mon, 20 Dec 2004 17:18:46 -0600
>> 1. "ssh" should be configured to prohibit root logins
>Sometimes not an option. It's useful to backup machines with rsync...
Try this: http://www.hackinglinuxexposed.com/articles/20030115.html
There's a whole series on how to configure password-less root SSH logons
that only allow you to run a pre-given command (eg: rsync). I implemented
this on my backup box. I turned off root logins except those coming from my
backup server, using the private key and running only the pre-selected rsync
command...works well.
Ed
- Previous message: Steve Kemp: "Re: SSH scans..."
- In reply to: Steve Kemp: "Re: SSH scans..."
- Next in thread: Michael H. Warfield: "Re: SSH scans..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
