SLUG Mailing List Archives - Re: [SLUG] ssh certificate logins

To: slug@xxxxxxxxxxx
Subject: Re: [SLUG] ssh certificate logins
From: Erik de Castro Lopo <mle+slug@xxxxxxxxxxxxx>
Date: Fri, 10 Oct 2008 10:16:05 +1100
Organization: Erik Conspiracy Secret Labs
Reply-by: Fri Mar 4 18:43:51 EST 2000
Reply-to: slug@xxxxxxxxxxx

Phill O'Flynn wrote:

> I am running a fedora server and currently using hosts.allow to
> only allow ssh accesses from specific ip addresses. I did this because I was getting
> a lot of idiots from eastern Europe and Russia tring to crack my server.
> 
> This has been ok  but now is prooving to be too restrictive. Can I get the
> server to force certificate based logins only?? If so how do I do it?? Is this the
> best approach anyway??

Also have a look at pam_abl:

    http://www.hexten.net/wiki/index.php/Pam_abl

Erik
-- 
-----------------------------------------------------------------
Erik de Castro Lopo
-----------------------------------------------------------------
"Anyone who says you can have a lot of widely dispersed people hack
away on a complicated piece of code and avoid total anarchy has never
managed a software project." - Andy Tanenbaum in 1992 on comp.os.minix

Follow-Ups:
- Re: [SLUG] ssh certificate logins
  - From: Daniel Pittman

References:
- [SLUG] ssh certificate logins
  - From: Phill O'Flynn

Messages sorted by: [ date | thread ]
Prev by Date: Re: [SLUG] ssh certificate logins
Next by Date: Re: [Fwd: Re: [SLUG] IOWait definition]
Previous by thread: Re: [SLUG] ssh certificate logins
Next by thread: Re: [SLUG] ssh certificate logins