Comment 5 for bug 77943

Micah Cowan (micahcowan) wrote:

Using a crappy password for an important service because it needs to be easy to remember is a very, very bad idea. A much better idea is to choose a difficult-to-crack password, and keep it in your wallet.

While it takes some setting up, as long as you're keeping things in your wallet you might look into setting up OPIE (S/KEY) for your server. It uses a short pass phrase that changes every time you log in. Practically impossible to crack, and renders keyboard sniffing useless.

Many sshd users, because of the constant crack attempts (my logs are filled, too), opt to choose a different port for their servers to sit on. This pretty much eliminates the attacks.

Personally, I use key-based authentication, with a failover to OTP. I keep a list of the passphrases in my wallet.
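An added example, not from this bug thread, that audits an sshd_config for the choices described in the comment above: password logins off, public-key authentication on, challenge-response on (assumed here to be how a PAM-based OTP module such as OPIE provides the fallback), and a non-default port. The directive names are OpenSSH's; the sample configurations and the default values table are constructed for the example.

```python
# Added example: audit an sshd_config against the choices discussed above.
# Only the global section is examined; directives after the first 'Match'
# block are conditional and skipped. DEFAULTS mirrors OpenSSH's defaults (assumed).
from typing import Dict, List

DEFAULTS = {
    "port": "22",
    "passwordauthentication": "yes",
    "pubkeyauthentication": "yes",
    "challengeresponseauthentication": "yes",  # PAM-based OTP (e.g. OPIE) needs this
}

def parse_sshd_config(text: str) -> Dict[str, str]:
    """Effective global settings; sshd keeps the first value it reads for a keyword."""
    settings: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.replace("=", " ", 1).split(None, 1)  # 'Key value' or 'Key=value'
        key = parts[0].lower()
        if key == "match":  # everything after Match applies conditionally
            break
        settings.setdefault(key, parts[1].strip() if len(parts) > 1 else "")
    return settings

def audit(text: str) -> List[str]:
    """Return the recommendations the configuration does not follow (empty = ok)."""
    cfg = {**DEFAULTS, **parse_sshd_config(text)}
    findings = []
    if cfg["passwordauthentication"].lower() != "no":
        findings.append("PasswordAuthentication should be no (keys with OTP fallback instead)")
    if cfg["pubkeyauthentication"].lower() != "yes":
        findings.append("PubkeyAuthentication should be yes")
    if cfg["challengeresponseauthentication"].lower() != "yes":
        findings.append("ChallengeResponseAuthentication should be yes for an OTP fallback")
    if cfg["port"] == "22":
        findings.append("Port is the default 22, the first one scanners try")
    return findings

# Constructed sample configurations
WEAK = "# stock-looking config\nPort 22\nPasswordAuthentication yes\n"
HARDENED = (
    "Port 2222\nPasswordAuthentication no\nPubkeyAuthentication yes\n"
    "ChallengeResponseAuthentication yes\nUsePAM yes\n"
    "Match User backup\n    PasswordAuthentication yes\n"
)
```

Calling `audit(WEAK)` reports the password and port findings, while `audit(HARDENED)` returns an empty list because the Match block is not treated as a global setting.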