My only thought is even with password auth. turned off hostile persons can still... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

_1u0j on March 4, 2013 | parent | context | favorite | on: How I spend my first 5 minutes on a server

My only thought is even with password auth. turned off hostile persons can still connect to the ssh daemon and might discover and unknown vulnerability or some type of dos. If you know someone is trouble why let them in even if you are wearing armor?

numbsafari on March 4, 2013 [–]

It'd really suck if they could forge traffic from you that looked like a failed login attempt and that resulted in you getting banned.

anderiv on March 4, 2013 | [–]

That is why fail2ban allows you to configure a whitelisted IP (your office, VPN, etc.) that will never get banned.

Join us for AI Startup School this June 16-17 in San Francisco!
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact