On Mon, Apr 17, 2006 at 09:44:50AM -0400, Dan Langille wrote: > > Personally, I prefer to firewall off ssh so that incoming connections > are accepted only from location I want. For example, all of my boxes > will accept ssh from each other. I then add in a couple of trusted > locations (friend's boxes, etc). Great if you just need to get onto the machine from a trusted location, useless if you need to get onto the machine to fix it in a pinch from wherever you are, or to read mail from it, or to test something from another location... its all just obfuscation. Let ssh handle the security. If you don't trust it then why do you have it on at all? mh -- Martin Hicks || mort [ at ] bork [ dot ] org || PGP/GnuPG: 0x4C7F2BEE