On Wed, 2008-11-26 at 18:06 -0400, Marc G. Fournier wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> > Since were chatting :P. My vote would be to move everything back to port
> > 22 and force key based auth only.
>
> How does that work? Does that kill the script kiddies in their tracks? I'm
> guessing so, but had never thought to try it ...
>
Well they can still talk to the port of course but its irrelevant
because unless they have an ssh key, they aren't getting in. Period.
> How would someone upload their key if they don't have access? Some sort of web
> interface? One wouldn't want to throw extra admin overhead if it can be
> avoided ...
>
See other comment on this.
Joshua D. Drake
--
PostgreSQL Consulting, Development, Support, Training 503-667-4564 - http://www.commandprompt.com/ The PostgreSQL
Company,serving since 1997