de-peering for security sake

• Previous message (by thread): de-peering for security sake
• Next message (by thread): de-peering for security sake
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> On Dec 26, 2015, at 11:14 AM, Joe Abley <jabley at hopcount.ca> wrote:
> 
> With respect to ssh scans in particular -- disable all forms of
> password authentication and insist upon public key authentication
> instead. If the password scan log lines still upset you, stop logging
> them.

Or if you can’t get users to use keys (aside from remove the users) consider things like:

example /etc/ssh/sshd_config
Match User root
	PasswordAuthentication no

for users that should not be permitted to fall-back to password authentication.

- Jared

• Previous message (by thread): de-peering for security sake
• Next message (by thread): de-peering for security sake
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]