SLUG Mailing List Archives
Re: Compromised Linux box stories (Re: [SLUG] upgrading complicated installs
- To: peter@xxxxxxxxxxxxxxxxxx
- Subject: Re: Compromised Linux box stories (Re: [SLUG] upgrading complicated installs
- From: Rick Welykochy <rick@xxxxxxxxxxxxx>
- Date: Tue, 03 Jun 2008 15:33:15 +1000
- Cc: Dean Hamstead <dean@xxxxxxxxxxxxxxx>, slug@xxxxxxxxxxx
- User-agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:126.96.36.199) Gecko/20080313 SeaMonkey/1.1.9
Depends how you set it up. Mine has a `three tries and you're out'
policy. And as I use an ssh-agent on my (carry around) laptop,
there's no chance of being locked out accidentally.
I assume three times password fails and you're out, right?
Can one configure ssh so that the password attempts are TCP wrapped,
but the cert-based (ssh-agent) logins are always allowed, no
matter where you are?
Rick Welykochy || Praxis Services || Internet Driving Instructor
If stupidity got us into this mess, then why can't it get us out?