[clnet users] Changes to common-lisp.net you should know about.
Erik Enge
erik.enge at gmail.com
Tue Feb 7 22:51:46 UTC 2006
Hi.
First: I've created this mailinglist (users at common-lisp.net) so I can
reach you all at once. Only the maintainer of the server (ie moi) can
post to this list and I intend to do so as rarely as I can get away
with.
I'm emailing you today because I'm worried about all the brute force
SSH attacks on clnet and I think I have a solution which may affect
how you authenticate with clnet via SSH. What I propose to do is
disallow password-based logins and only allow publickey-based ones.
This basically means that everyone is forced to do passwordless logins
which is a win-win, I think.
However, you may feel otherwise, thus this email. Reply to me with
your thoughts on why I should not do this. After hearing your
thoughts and if I still want to go ahead with it I'll email this list
with the date by which you should have your public key configured and
set up. If we do this I'll also add a mini-howto section to the FAQ
describing how to do this.
Thanks,
Erik.
More information about the Users
mailing list