> Its really just ssh access for maintenance purposes that I
> want to secure
If you are doing this I'd strongly advise having a second box which does
allow foreign access. If you or any of your users happen to be abroad
and need to log in then you can route through that box. Personally
however I'd look at blocking the attempts you've seen thus far and
remember that a cracker is unlikely to use a legitimate IP adress. Also
worth noting is that if you keep your system patched it's unlikely to be
worth their while spending the time required to break in.
If you and only a small list of people actually should have remote
maintenance access you could restrict it so that only connections from
the second box are accepted and always route through that.
Regards,
Stephen
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
