From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org)
	by nuthatch.gentoo.org with esmtp (Exim 4.54)
	id 1FGzn0-0006ME-L5
	for garchives@archives.gentoo.org; Wed, 08 Mar 2006 14:37:23 +0000
Received: from robin.gentoo.org (localhost [127.0.0.1])
	by robin.gentoo.org (8.13.5/8.13.5) with SMTP id k28EaF9F014923;
	Wed, 8 Mar 2006 14:36:15 GMT
Received: from srvexch-01.mcaschool.local (srvexch-01.mcaschool.local [24.239.210.32] (may be forged))
	by robin.gentoo.org (8.13.5/8.13.5) with ESMTP id k28EVfj7008560
	for <gentoo-user@lists.gentoo.org>; Wed, 8 Mar 2006 14:31:42 GMT
Content-class: urn:content-classes:message
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Subject: [gentoo-user] SSH + Keys
X-MimeOLE: Produced By Microsoft Exchange V6.5
Date: Wed, 8 Mar 2006 09:31:54 -0500
Message-ID: <17CD9CE4C0FA574A8B29EF02D49B385D0F52A0@srvexch-01.mcaschool.local>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: SSH + Keys
Thread-Index: AcZBhX7sy9xRXkA/RFGatptLf8+yFABNoDjA
From: "Timothy A. Holmes" <tholmes@mcaschool.net>
To: <gentoo-user@lists.gentoo.org>
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by robin.gentoo.org id k28EVfj7008560
X-Archives-Salt: 69deeae2-f60d-46d3-8f14-aaa2fa9e55d5
X-Archives-Hash: a6aadf519159bd6da4d8013c7aba9d19

Good Morning Folks:

I have been doing some reading over the last day or two about a SSH bot
attack that is occurring in some places.  I will be the first to admit
that I have been a bit lax with my ssh security (allowing root logins
etc).  This problem has inspired me to get things cleaned up, and flying
right again.  I have already modified my ssh config to prevent root
logins via ssh, so that hole is closed.  In talking to a friend
yesterday, he suggested using key based authentication to further
protect my servers, which sounds like a great idea.  The problem is that
I have no idea how to set it up.  A google search turned up the Gentoo
pages on keychain, which does not sound exactly like what he was talking
about (he mentioned a key carried on a JUMP drive (usb stick)) 

I am using gentoo (and fedora (soon to be converted) servers) and PUTTY.
If someone can offer suggestions, or point me in the right direction, I
would be most appreciative.  

Timothy A. Holmes
IT Manager / Network Admin / Web Master / Computer Teacher
 
Medina Christian Academy
A Higher Standard...
 
Jeremiah 33:3
Jeremiah 29:11
Esther 4:14		


-- 
gentoo-user@gentoo.org mailing list