|
|
|
|
|
|
by ahje
2549 days ago
|
|
|
There are definitely cases where you might need to expose a an SSH setup where passwords are allowed to the World, but there is usually little reason to allow anyone to log in directly as root. Set a long password for the user you log in as (correct horse battery staple-style passwords are perfect for such things), and make sure to put SSH on an alternate port to keep the more basic bots away and thereby reduce the noise. Having to type a long password for sudo promts is a bit of a pain, but that trade-off is worth it from a security perspective. |
|
|