dhis2-users team mailing list archive
-
dhis2-users team
-
Mailing list archive
-
Message #00948
Re: Secure remote access
On 9 March 2012 11:52, Jason Pickering <jason.p.pickering@xxxxxxxxx> wrote:
>>
>> I'd use HTTPS/SSL for web access and definitely use SSH (preferably using
>> both certificates and passwords) for server access (for people administering
>> the linux installations).
>>
>
> SSH is a must. I would also move it to a non-standard port, and
> disable remote access with passwords, and disable the root user from
> being able to login over SSH. You will still get a lot of bot attacks,
> but using certificates (with a password) will greatly increase the
> security of the server.
what certificates? I just use my public and private key combination
ie. copy my public key into ~/ssh/authorized_keys on the server.
Disabling remote access with passwords is really important, but
sometimes it takes a bit of time getting people used to using keys.
Worth the effort though. Don't lose the keys.
>
> _______________________________________________
> Mailing list: https://launchpad.net/~dhis2-users
> Post to : dhis2-users@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~dhis2-users
> More help : https://help.launchpad.net/ListHelp
Follow ups
References