HOWTO: Security

Gary E. Miller gem at rellim.com
Tue May 24 22:03:59 UTC 2016


Yo Kurt!

On Tue, 24 May 2016 23:45:39 +0200
Kurt Roeckx <kurt at roeckx.be> wrote:

> > > Would it suffice to say "Never put a Pi on an un-NATted address
> > > until you have removed the default account?"  
> > 
> > Most people's NATs leak a lot.  Or they have IPv6 end around.
> > 
> > Just change the password, to a good one, the FIRST step.  
> 
> Can I just suggest that you don't allow password based logins over
> the network?

That is my personal standard, but a lot of the readers will be new
to SSH and the commandline.

And this is a Stratum 1 HowTo, not an SSH security Howto.  It
threatens to become an everything about Unix Howto.

I'd be happy if we don't say anything wrong, and leave the related
best practices to others to document.

So maybe you have a good link for a 'Further Reading' appendix?

RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
	gem at rellim.com  Tel:+1 541 382 8588
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://lists.ntpsec.org/pipermail/devel/attachments/20160524/a1294fb6/attachment.bin>


More information about the devel mailing list