[lug] Re: What to do about SSH attacks
David Anselmi
anselmi at anselmi.us
Sat Oct 30 13:49:33 MDT 2004
Sean Reifschneider wrote:
> On Thu, Oct 28, 2004 at 07:52:10AM -0600, Bill Thoen wrote:
>
>>I've been noticing ever more concerted attacks via ssh lately. The last
>>two last night were from karp.ece.cmu.edu: 34 times, and 206.166.198.131:
>
> Coincidentally, I just wrote something up on this in my journal:
>
> http://www.tummy.com/journals/entries/jafo_20041029_151145
In the third paragraph you say:
'then change "/etc/ssh/sshd_config" so that "PasswordAuthentication" is
"no"'
On Debian (Sarge) systems you also have to set "UsePAM" to "no" or
passwords will still work.
FWIW,
Dave
More information about the LUG
mailing list