[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] List of Relays' Available SSH Auth Methods



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Here's an interesting and relevant talk on SSH security:

http://www.bsdcan.org/2013/schedule/events/403.en.html

On 11/18/2014 12:38 PM, Kevin de Bie wrote:
> 
> Fail2Ban works really well. Shifting to a non standard port only
> stops the scriptkids from having too much automated options and
> does not do anything for actual security. For this reason I
> personally never bothered with that. Non standard username and
> password auth with fail2ban makes brute forcing practically
> impossible, this is usually how I have things configured.
> 
> 
> Op 17:46 di 18 nov. 2014 schreef Zack Weinberg <zackw@xxxxxxx 
> <mailto:zackw@xxxxxxx>>:
> 
> On Tue, Nov 18, 2014 at 11:15 AM, Toralf Förster 
> <toralf.foerster@xxxxxx <mailto:toralf.foerster@xxxxxx>> wrote:
>> On 11/18/2014 04:28 PM, Jeroen Massar wrote:
>>> People should realize though that it is not 'safer' in any way
> running
>>> SSH on another port.
>> 
>> But it is (slightly) more expensive - which counts, or ?
> 
> In my limited experience, moving SSH to another port made no
> apparent difference to the number of random attempts to break in.
> I'd recommend fail2ban or equivalent instead.
> 
> zw _________________________________________________ tor-relays
> mailing list tor-relays@xxxxxxxxxxxxxxxxxxxxxx 
> <mailto:tor-relays@xxxxxxxxxxxxxxxxxxxx> 
> https://lists.torproject.org/__cgi-bin/mailman/listinfo/tor-__relays
>
> 
<https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>
> 
> 
> 
> _______________________________________________ tor-relays mailing
> list tor-relays@xxxxxxxxxxxxxxxxxxxx 
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJUa5HOAAoJELxHvGCsI27NllcP/jSI6085xPNOea7IKyfY4QX3
AMssZQq+AP75Bozz3oQAsZuwcRvWI5Umtrjm8Z/1lxQ2yv/SBs7q71Sw3zpsDkta
UPwH7XSvsKthTUnH8q1EJ9yymcASPtpUJ12xbZpSEX6A+0g7DVXOcYyeWHWLW14u
wlUCuf3OgoB7xD3BXkPL/tBh+0e3PbWCED4jT/mQOWrqA1PoOmTmLYbZV1Qf9SK0
Oufl3dlBe8sydfanO69bs9qH4HutlA4tuYmSc0Cp67dzHvMMZeiGqreJhYBxaRcD
2SnrojVfOPWXcH4ftsGiqiiNWKl7qo5RD6xfga9D5gBWSsW3ZgRFfbry7RpjUdGL
hWwtGWiWqCzMq0kYT8jrXZNVVo664GH8ikPiHqvbyI8KSxlBYSpI1Lv6MBV2yxcW
AgeI/YTqhfFFBBq9LFvczqNMpJ/2hP37oDeuaCb60hBefWeY9zHwlN/q8HRQEiTU
VkhI03M2c4tx1fQXDKHdxYc3seEY+RxMj4GXYgOtUOqwytfzSSs4wbh2Cqo0E2dH
vL9hfgjhBl7DOTjf8JXp6P+t5vA0dtjpp6DfuKm0DPmUfdNDTgeXkbHdaj6PviRf
zcwePS63ZVR0fevetCST+1smkOU5byOefyT/KkuXxLhmPqiqsmEzDPUYy8VuyLg2
j8irgydAPonUQwjq/4PU
=Z/nm
-----END PGP SIGNATURE-----
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays