Denis Warburton on Nostr: Are there risks to allowing password authentication? Sure - you might end up in a ...
Are there risks to allowing password authentication?
Sure - you might end up in a situation where someone in China attempts to enter invalid username/password combinations for **days** … until you discover it, and change the non-standard port on which the SSH service is reached.
(This happened four years ago, to one of my PowerBook G4 systems in another state.)
As long as you think about SSH security in depth, and configure it / your system properly, these risks can be mitigated.
Sure - you might end up in a situation where someone in China attempts to enter invalid username/password combinations for **days** … until you discover it, and change the non-standard port on which the SSH service is reached.
(This happened four years ago, to one of my PowerBook G4 systems in another state.)
As long as you think about SSH security in depth, and configure it / your system properly, these risks can be mitigated.