Full Disclosure mailing list archives
Re: targetted SSH bruteforce attacks
From: John Jacobs <flamdugen () hotmail com>
Date: Thu, 17 Jun 2010 15:58:33 -0500
Of course it's wise to disable password authentication and just use public key authentication.Why? Ssh is encrypted, so you're not exposing a password when you login. How does public key authentication make you more secure (in a practical sense)?
Paul, it's more secure in that brute force attacks are mitigated because the private key is required by the client and the public key must appear in ~/.ssh/authorized_keys. Disabling password authentication means a weak password on an account cannot be compromised by brute force or other discovery efforts. A password on the private key provides even greater defense-in-depth security. Disable password authentication and enforce key-pair authentication and targeted brute-force attacking becomes moot very quickly. Moving SSHd from TCP 22 also keeps the script-kiddies and automated scanners away. After doing these two basic things then it's time to focus on fail2ban, denyhosts, and the other firewall integrating solutions.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: targetted SSH bruteforce attacks, (continued)
- Re: targetted SSH bruteforce attacks Bipin Gautam (Jun 17)
- Re: targetted SSH bruteforce attacks Gregory Bellier (Jun 17)
- Re: targetted SSH bruteforce attacks Gary Baribault (Jun 17)
- Re: targetted SSH bruteforce attacks Samuel MartÃn Moro (Jun 17)
- Re: targetted SSH bruteforce attacks yersinia (Jun 23)
- Re: targetted SSH bruteforce attacks Cody Robertson (Jun 23)
- Re: targetted SSH bruteforce attacks Gary Baribault (Jun 23)
- Re: targetted SSH bruteforce attacks Cody Robertson (Jun 23)
- Re: targetted SSH bruteforce attacks Paul Schmehl (Jun 17)
- Re: targetted SSH bruteforce attacks John Jacobs (Jun 17)
- Re: targetted SSH bruteforce attacks Xin LI (Jun 17)
- Re: targetted SSH bruteforce attacks Valdis . Kletnieks (Jun 18)
- Re: targetted SSH bruteforce attacks Marsh Ray (Jun 21)
- Message not available
- Re: targetted SSH bruteforce attacks Marc Olive (Jun 22)
- Re: targetted SSH bruteforce attacks bugs (Jun 26)
- Re: targetted SSH bruteforce attacks Sebastian Rother (Jun 17)
- Re: targetted SSH bruteforce attacks Thor (Hammer of God) (Jun 17)
- Re: targetted SSH bruteforce attacks BMF (Jun 17)