securing sshd

Elias Chrysocheris eliaschr at
Sat Mar 20 16:31:08 UTC 2010

On Saturday 20 of March 2010 18:14:17 Jerry wrote:
> On Sat, 20 Mar 2010 16:32:28 +0100
> Erik Norgaard <norgaard at> articulated:
> > > * Disabled password logins completely, and to only allow public key
> > > authentication
> >
> > This seems good for security, but not always practical. Now you have
> > to walk around with a USB or have keys on your laptop and if you
> > loose the USB or the laptop gets stolen you can't get access. Worse,
> > you can't revoke the keys till you get back home.
> Worse yet, if you get shot and killed you won't be able to access your
> data no matter how hard you try.
> Seriously, disabling password log-ins and using key authentication is
> extremely secure. Do make sure that you password protect your keys
> however. In any event, if you laptop or whatever is stolen, you have
> more than just one problem to contend with anyway.

Another thing you could do is perhaps to secure your sshd using a program like 
sshguard. This is another measure you could take against brute force attack to 
your ssh.


More information about the freebsd-questions mailing list