[mythtv-users] Security concerns for my myth box

Paul Pick paul.pick at gmail.com
Thu Dec 16 13:40:48 UTC 2004


> I saw repeated login failures for common userid's, including root.
> Fortunately, I did not have a weak root password or my systems would have
> been hacked.
>  
>  To thwart the attempts, I changed my sshd configuration to not allow ssh
> via passwords at all. To do so, edit /etc/ssh/sshd_config and add the line
> "PasswordAuthentication no".

Another thing you ought to consider doing is restricting the users who
are allowed to login via ssh, like so:

/etc/ssh/sshd_config snippet:

PermitRootLogin no
AllowUsers    $me $girlfriend at 192.168.0.*

(or "AllowUsers root at 192.168.0.6 $me $girlfriend at 192.168.0.*", if you must)

 This way, if you do happen to add a "test/test" user, it won't get ssh
access by default.

-- 
"We are here on Earth to fart around. Don't let anybody tell you any different!"
 -- Kurt Vonnegut


More information about the mythtv-users mailing list