[lime-dev] SSH access with password
pau at dabax.net
Tue Dec 19 11:09:09 UTC 2017
All of them do not allow root password (PermitRootLogin
without-password), so most of the bruteforce attacks are mitigated.
In addition all of them has fail2ban enabled, so Iptables rules are
added automatically to block brute-force.
Anyway, I just changed PasswordAuthentication to no in all of them so
not even the users are allowed to use password.
Thanks for the advice!
On 18/12/17 23:53, Paul Spooren wrote:
> Hi all,
> I've just checked and the following servers all allow login via password
> (instead of SSH key only). Is anyone actually using this?
> I'd recommend to disable all password access and SSH key only or
> additionally install sshguard  to block brute force attacks.
> - libremesh.org
> - downloads.libremesh.org
> - snapshots.libremesh.org
> - more?
> Best, Paul
>  https://packages.debian.org/jessie/sshguard
> lime-dev mailing list
> lime-dev at lists.libremesh.org
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 488 bytes
Desc: OpenPGP digital signature
More information about the lime-dev