Disabling ssh password authentication
Brute force password guess attacks generally runs against ssh server. You can allow only known ip addresses to connect ssh port with iptables but sometimes it is not the best way; you may want to login from everywhere.
In order to keep connected from everywhere while protecting system itself against brute force attacks, you can disable password based authentication in ssh and still continue to connect with public key authentication (See also: Passwordless ssh setup). To do this, change or add following line in /etc/ssh/sshd_config and restart ssh server:
PasswordAuthentication no
- 0 Comment
- Murat Demirten
- 10 Jul 2008, 11:01
-
You must be login first or sign-up for an account to post comments.
USERBOX
CATEGORIES
MOST READ TODAY
- Redirecting tcp / udp ports with socat
- Java Runtime Environment on Mozilla Firefox
- Using netstat
- Fast process lookup and signaling
- Booting from an ISO image using qemu
- Converting MAC dfonts to TrueType
- Looking exim mail queue like mailq
- Find out if a command is aliased to another command
- Evaluating expressions
- Enabling remote desktop on a VirtualBox Machine
LAST ADDED
- Learning which libraries are used for a binary
- Evaluating expressions
- Using netstat
- Exim and hostname fqdn problem
- Auto directory spelling corrections
- Disabling emacs splash screen
- Getting a nice SELinux audit report
- Learning all of the available system calls
- Find out if a command is aliased to another command
- Fast process lookup and signaling
