← Back to team overview

dhis2-users team mailing list archive

Re: Secure remote access

 

On 9 March 2012 11:52, Jason Pickering <jason.p.pickering@xxxxxxxxx> wrote:
>>
>> I'd use HTTPS/SSL for web access and definitely use SSH (preferably using
>> both certificates and passwords) for server access (for people administering
>> the linux installations).
>>
>
> SSH is a must. I would also move it to a non-standard port, and
> disable remote access with passwords, and disable the root user from
> being able to login over SSH. You will still get a lot of bot attacks,
> but using certificates (with a password) will greatly increase the
> security of the server.

what certificates?  I just use my public and private key combination
ie. copy my public key into ~/ssh/authorized_keys on the server.

Disabling remote access with passwords is really important, but
sometimes it takes a bit of time getting people used to using keys.
Worth the effort though.  Don't lose the keys.

>
> _______________________________________________
> Mailing list: https://launchpad.net/~dhis2-users
> Post to     : dhis2-users@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~dhis2-users
> More help   : https://help.launchpad.net/ListHelp


Follow ups

References