(www.kkyri.com)

66 points todsacerdoti | 1 comments | 22 Oct 24 00:52 UTC | HN request time: 0.287s | source

Show context

yjftsjthsd-h ◴[22 Oct 24 01:46 UTC] No.41910374[source]▶

>>41910124 (OP) #

You should always verify that SSH password auth is actually off; run

  ssh -v myserver : 2>&1 | grep continue

and ensure that it only gives "publickey"!

(A surprising number of VPSs will re-enable passwords in a .d config file. And really, even if you've checked for that, the extra 10 seconds to make sure is worth it.)

replies(2): >>41910475 #>>41919948 #

1. kjs3 ◴[22 Oct 24 23:47 UTC] No.41919948[source]▶

>>41910374 #

"Trust but verify" is good advice.

↑

How to secure your new VPS: a step-by-step guide