Re: securing sshd_config

From: Allanon (beppebest@tiscali.it)
Date: 11/04/02


From: "Allanon" <beppebest@tiscali.it>
Date: Mon, 4 Nov 2002 13:34:25 +0100


"Bill Unruh" <unruh@string.physics.ubc.ca> ha scritto nel messaggio

> ]PasswordAuthentication no
>
> This means you will be unable to log in from almost everywhere in the
> world. This means that ONLY those places with which you have exchanged
> your public key can log into your computer. I suspect you want this to
> be yes, so that you can use ssh from some other computer which has ssh
> installed, and log in by typing in your password.
>
>

first of all, thank you for youe help!

About the "PasswordAuthentication":
i read some articles on the web, and they say it would be better if i used
public key
and no other methods. so, if an user wants to connect to my ssh-server, he
has to
give me his public-key, so i have a complete control. with passwordAuth,
everyone on the
web could force and try and try passwords.
Aren't yu agree?

Moreover, i use ssh only for my personal use, so the only thing is to take
with me
my private key. no problem!

what do you think about?

Second thing, do you think that i have to add some other options, in my
config file?
Third:"PermitRootLogin"

> ]PermitRootLogin yes #i dont' know
> This means that if root tries to log in from somewhere else, is he
> allowed to do so? Since you wanted max security this should prob be no.

yes, but if I've the necessity of log-in like Administrator (i use Windows!)
In some documents i read that is better to log-in like normal user and,
then,
execute "su" to became root. It's good, but i don't know if it's possibile
in windows, and eventually HOW it's possible!
I also try to set it no "no", but i'm able to enter with the "Administrator"

Regards,
Giuseppe