Why is port 22 open by default?

Scott Mitchell scott+freebsd at fishballoon.org
Sun May 11 03:30:52 PDT 2003


On Sun, May 11, 2003 at 12:41:39AM +0000, Daniela wrote:
> Just one question: Why isn't rsa/dsa key authentication the default?
> Is it hard to set up? Are there other drawbacks?

Public key authentication should be enabled by default.  Once you have all
the right keys in the right places it should just work, then you can turn
off password-based authentication.

It's not really hard to set up, but there's several steps so it's easy to
mess up the first time you try it.  Googling for 'ssh public key setup'
finds various pages that will walk you through the whole process.  Remember
that the public key stays on the server, while the private key needs to be
distributed to clients, which might seem backwards at first.  And make sure
you choose a good passphrase to secure the private key!

	Scott

-- 
===========================================================================
Scott Mitchell           | PGP Key ID | "Eagles may soar, but weasels
Cambridge, England       | 0x54B171B9 |  don't get sucked into jet engines"
scott at fishballoon.org | 0xAA775B8B |      -- Anon


More information about the freebsd-questions mailing list