| From: | "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com> |
|---|---|
| To: | Steve Crawford <scrawford(at)pinpointresearch(dot)com> |
| Cc: | David Fetter <david(at)fetter(dot)org>, Kris Jurka <books(at)ejurka(dot)com>, "Marc G(dot) Fournier" <scrappy(at)hub(dot)org>, Dave Page <dpage(at)pgadmin(dot)org>, Tatsuo Ishii <ishii(at)postgresql(dot)org>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: What's going on with pgfoundry? |
| Date: | 2008-11-26 22:00:59 |
| Message-ID: | 1227736859.9359.201.camel@jd-laptop.pragmaticzealot.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wed, 2008-11-26 at 13:57 -0800, Steve Crawford wrote:
> David Fetter wrote:
> >
> >
> > We should move to a port-knocking
> > <http://dotancohen.com/howto/portknocking.html> or other modern
> > strategy if we're going to move at all.
> >
> >
> Yeah, but telling my firewall to move port 22 inside to port xxxx
> outside took less time than writing this email. Inside the firewall
> plain old ssh continues to work fine and I don't have to deal with
> issues of forwarding additional ports through the firewall, mucking with
> iptables rules, etc.
>
> For my servers, moving outside access to a non-standard port has proven
> 100% effective for over a year so additional complexity hasn't been
> warranted.
Since were chatting :P. My vote would be to move everything back to port
22 and force key based auth only.
Joshua D. Drake
>
> Cheers,
> Steve
>
>
--
PostgreSQL
Consulting, Development, Support, Training
503-667-4564 - http://www.commandprompt.com/
The PostgreSQL Company, serving since 1997
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Marc G. Fournier | 2008-11-26 22:06:42 | Re: What's going on with pgfoundry? |
| Previous Message | Steve Crawford | 2008-11-26 21:57:40 | Re: What's going on with pgfoundry? |