Security Basics mailing list archives
ssh login protection
From: Edmund <cc () belfordhk com>
Date: Tue, 02 Dec 2003 11:17:26 +0800
Hi, I was wondering if someone could clarify something for me. I often ssh into two mail servers from dialup(thus dynamic ip) at home. Right now, I specify which IPs that can ssh into the two machines but for dynamic IPs, I can't do that unless I go crazy and allow xx.xx.xx.xx/16, which is not very secure. But due to the importance of me needing to ssh to the servers, I've been 'slacking' off the security and allowing a certain range of IPs (those that I'm certain are from my ISP at home). Can someone tell me if this is the appropriate way? Or do I allow any IPs from sshing? The reason why I'm asking is that I'll be taking a holiday and believe I'll also need to ssh to the mail servers. I don't know the IPs ahead of time since where I'll be staying, it'll also be dynamically assigned. Is there a solution to this problem? I don't want to open the servers to attacks from any SSH-related issues that crackers would take advantage of. Any help appreciated --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- ssh login protection Edmund (Dec 02)
- Re: ssh login protection Andreas Schubert (Dec 02)
- Re: ssh login protection Burak Bilen (Dec 03)
- <Possible follow-ups>
- RE: ssh login protection Shawn Jackson (Dec 02)
- RE: ssh login protection LordInfidel (Dec 03)
- RE: ssh login protection Tony Kava (Dec 04)