Linux.com

yes, encrypt, but ....

Posted by: Anonymous Coward on June 07, 2005 12:35 AM
at least with ssh, remember to
1) require passwords
2) disallow root
3) require certificate authentication if it is at all reasonable.

I have never been bitten by number 2, but I have had machines broken into because I didn't follow 1 and 3. Thankfully, the hacker who got into the account with no password didn't do much. I never did figure out what the other hacker had accomplished. SSH is one of the most hacked at secure systems on Linux. It is very easy to get it right and be immune to all the attacks. What the hackers are really looking for is sloppy admin behavior. If you follow the above 3 points, even an unpatched Redhat 7.0 should be secure. Note that I don't recommend going un-patched.

Besides, using certificates makes using ssh easier for the users -- just make sure that you trust the machines using the certs, and if you lose trust in one, then delete the server certificate that allows that machine to access the server.
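
The three points from the comment above, expressed as a check over the global section of an sshd_config. This is an added example, not part of the original comment; it assumes point 3 means OpenSSH public-key login with password login turned off, and the function names and sample configs are constructed for illustration.

```python
# Added example: audit an sshd_config against the comment's three points.
DEFAULTS = {  # values assumed when a keyword is absent (current OpenSSH defaults)
    "permitemptypasswords": "no",
    "permitrootlogin": "prohibit-password",
    "passwordauthentication": "yes",
    "pubkeyauthentication": "yes",
}

def effective_settings(config_text):
    """Effective global values: sshd keeps the first value seen for a keyword."""
    seen = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.replace("=", " ", 1).split(None, 1)  # "Key value" or "Key=value"
        if len(parts) != 2:
            continue
        key, value = parts[0].lower(), parts[1].strip().strip('"').lower()
        if key == "match":
            break  # conditional Match blocks are not evaluated by this example
        seen.setdefault(key, value)
    return {k: seen.get(k, default) for k, default in DEFAULTS.items()}

def audit(config_text):
    """Return one finding per point of the comment that the config does not meet."""
    s = effective_settings(config_text)
    findings = []
    if s["permitemptypasswords"] != "no":
        findings.append("1: accounts with empty passwords can log in")
    if s["permitrootlogin"] != "no":
        findings.append("2: root login is not fully disabled")
    if s["pubkeyauthentication"] != "yes" or s["passwordauthentication"] != "no":
        findings.append("3: key-based login is not the only way in")
    return findings

# Constructed sample configs (not taken from any real host).
SLOPPY = """
PermitRootLogin yes
PermitRootLogin no       # ignored: the first value wins
PermitEmptyPasswords yes
"""
HARDENED = """
PermitRootLogin no
PermitEmptyPasswords no
PasswordAuthentication no
PubkeyAuthentication yes
"""

if __name__ == "__main__":
    for name, cfg in (("sloppy", SLOPPY), ("hardened", HARDENED)):
        print(name, audit(cfg) or "meets all three points")
```

On a live host, `sshd -T` prints the effective configuration and is the better input for a check like this, since the example does not evaluate `Match` blocks or included files.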
