[lug] keeping up with attacks

Zan Lynx zlynx at acm.org
Sat May 4 19:32:19 MDT 2019

On 5/4/2019 10:59 AM, Stephen Kraus wrote:
> SSH: No fail2ban? Just keep guessing till you win. No cert guessing or 
> sniffing needed. Public key eliminates some of that, but its still not 
> good practice to expose SSH.

Literally none of the Linux administrators I know personally run SSH 
with password auth enabled. As you say, that would be a bad idea.

With public / private keypairs or certificates you could keep guessing 
for eternity and never get in.

                 Knowledge is Power -- Power Corrupts
                         Study Hard -- Be Evil

More information about the LUG mailing list