Security

Ewoud Kohl van Wijngaarden ewoud+ovirt at kohlvanwijngaarden.nl
Wed Oct 9 09:18:02 UTC 2013


On Wed, Oct 09, 2013 at 10:41:36AM +0200, Vinzenz Feenstra wrote:
> I see again quite a lot of "POSSIBLE BREAK-IN ATTEMPT" alerts lately
> mainly originating from *hichina.com
>
> Could you guys please address this? Thanks

What do you think of disabling SSH passwords and use just SSH keys?
Fairly easy to roll out using puppet and thanks to puppet we also have
most of our keys installed. It will mean that we might need to install
some more keys for a few people and it may not stop the possible break
in attempts in the logs (because those are because of incorrect forward
+ reverse DNS), but should make it more secure.



More information about the Infra mailing list