[TriLUG] ssh question
John Vaughters via TriLUG
trilug at trilug.org
Mon Oct 24 12:53:10 EDT 2016
+1 of Igor's comment
The one exception is if you had a private network not connected to any outside network, but how often is this really the case. The person who mentioned the DDOS attacks is also correct. The Embedded Linux craze is making a ripe environment of users not understanding the power in their hands. An RPi and all the other embedded variations are full blown computers capable of just about anything, only limited by computing power, but DDOS attacks do not require power, only scale. The ssh key pairs are simple, and even no password is better than having a default user. However, I recommend keys with passwords and use a key agent like pageant for windows or ssh-agent for linux.
Also, you will find the ssh keypair used with an agent a MAJOR time saver.
>My advice to you and everyone is to take security seriously because it's so
easy to do: disable password-based ssh logins and use ssh keypairs
everywhere. It is more convenient than passwords, actually protects you
(passwords, especially default ones don't), and is the right thing to do.
More information about the TriLUG
mailing list