[tor-relays] List of Relays' Available SSH Auth Methods
Tschador
tschador at posteo.de
Tue Nov 18 20:55:31 UTC 2014
On 2014-11-18 18:46, Jeroen Massar wrote:
> Hence lets make a little list for clarity in order of "should at least do":
>
> - Use SSH Authentication
> - Disable Password Authentication
> - Use Fail2ban
> - Restrict on IP address (no need for fail2ban then)
Additionally - with ssh over hidden services:
HiddenServiceDir /var/lib/tor/hidden_ssh/
HiddenServicePort 22 127.0.0.1:22
there is no need to open any ssh-port. Works very well for my relay
'TorMachine'. No trouble with brute force attacks, huge logfiles and so on.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 230 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20141118/6dc7ae81/attachment.sig>
More information about the tor-relays
mailing list