home | list info | list archive | date index | thread index

Re: [OCLUG-Tech] Re: ssh suggestions

On Mon, Apr 17, 2006 at 09:44:50AM -0400, Dan Langille wrote:
> 
> Personally, I prefer to firewall off ssh so that incoming connections 
> are accepted only from location I want.  For example, all of my boxes 
> will accept ssh from each other.  I then add in a couple of trusted 
> locations (friend's boxes, etc).

Great if you just need to get onto the machine from a trusted location,
useless if you need to get onto the machine to fix it in a pinch from
wherever you are, or to read mail from it, or to test something from
another location...

its all just obfuscation.  Let ssh handle the security.  If you don't
trust it then why do you have it on at all?

mh

-- 
Martin Hicks || mort [ at ] bork [ dot ] org || PGP/GnuPG: 0x4C7F2BEE

message navigation