Is it safe to open ssh port to world with only key based authentication?
Ian Pilcher
i.pilcher at comcast.net
Fri Nov 25 16:31:27 UTC 2005
Vijay Gill wrote:
I read it somewhere (I googled and found it, but cannot find it
> again) that if password based authentication is disabled and using
> only key based, it is safe to have your fedora box available over the
> internet so that you can login remotely.
I opened port 22 at one point (with password-based authentication on),
and it didn't take long before someone in Asia was trying to guess IDs
and passwords.
My current setup uses OpenVPN (available in Fedora Extras) running on a
randomly selected UDP port. UDP port scans are much slower than TCP
port scans, so it's less likely to be noticed.
--
========================================================================
Ian Pilcher i.pilcher at comcast.net
========================================================================
More information about the fedora-list
mailing list