Mailing List Archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] remote access to server

Kevin Sullivan wrote:
Port :22 is now closed before they get around to guessing my non-root
super-user name and pw.

Won't happen here. This is a puny " guessing work ".

... Unless you ever used your admin user credentials elsewhere, of course.

What methods allow relatively secure remote login for admin purposes
from outside the local lan? Noobie here on the finer points of sysadmin
and running a webserver from home open to the big bad world out there.

Our colleagues here mention some of the direct measures you can go down top to bottom depending on how the attacker is really capable of compromising your system, but in this scenario, a combination of unique admin credentials plus " fail2ban " feature in place and the " allowrootlogin " config to your SSHD service set to " no " makes it impractical.

Changing default port number is not only an overkill but can lead to having no access at all from systems/networks only allowing traffic from established ports.


Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links