Hi Darren,
On Sun, Mar 14, 2010 at 10:34:54AM +0000, Darren Davison wrote:
> On Sun, Mar 14, 2010 at 09:25:39AM +0000, Kai Hendry wrote:
> > 'PasswordAuthentication no' and ssh keys is the right solution. If a
> > customer can't figure out how to generate an ssh key with puttygen or
> > ssh-keygen, I wouldn't take them.
>
> Frankly, I agree with Kai. If you can't figure out SSH keys, you have
> no business whatsoever running public SSH (or any other) services on the
> Internet.
Very few customers ask to be provisioned with an SSH key. Of the
requests to set up rsync-over-ssh backups I've dealt with, many of
them involve a lot of back and forth because the customer was unable
to set up authentication by SSH key. A couple of people actually
gave up setting up backups because they couldn't figure it out. :/
Less than half of BitFolk's customer base is represented on this
mailing list, despite it saying at the bottom of the provisioning
email that you really should be on this list to hear about stuff.
All of this leads me to believe a few things:
- Most of BitFolk's customers are looking for personal hosting.
- They're not experienced sysadmins.
- They don't use SSH key auth.
- The people on this list are more into sysadmin than the average
BitFolk customer, and more likely to understand why they should be
using SSH keys.
I have had a poor success rate with enforced learning, and to me it
feels like it's going to be a real turn off for the average customer
if they find out they have to learn about SSH keys in order to buy a
VPS.
(this doesn't change the fact that I think that almost everyone
should be using SSH keys)
Do we know of any other VPS business that requires SSH key login? I
am aware of Steve Kemp's servers but I wouldn't really class them as
VPS businesses and that is pitched at much more technically adept
folks.
> On my network at home, I have key-only, no root login, and use Fail2Ban
> (with other services too, not just ssh). It's worked perfectly well for
> me for years. Fail2Ban might be too resource hungry on a busy machine
> though.
>
> Like a lot of best practices, it's simple, effective and not widely
> used due to ignorance/laziness.
The average BitFolk customer does not have backups or a firewall,
either. I can't even give away backups.
Cheers,
Andy
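
The thread recommends 'PasswordAuthentication no', key-only login and no root login, but never shows what an sshd_config that actually enforces that looks like, or how to verify one. The script below is an added example, not code from the thread or from BitFolk: it reads an sshd_config the way sshd does (first matching directive wins, keywords are case-insensitive, '#' starts a comment) and reports the settings that would still let a password in. The two sample configs it writes are constructed for the demonstration; the function and file names are my own. It stops at the first Match block, since directives inside one are conditional.

```sh
#!/bin/sh
# Added example (not from the thread or BitFolk): audit an sshd_config for
# the key-only, no-root-login settings discussed above.

# Effective value of directive $2 in sshd_config $1. sshd uses the first
# match; keywords are case-insensitive; '#' starts a comment. $3 is the
# compiled-in default used when the directive is absent. Directives inside
# Match blocks are conditional, so parsing stops at the first one.
sshd_effective() {
    awk -v key="$(printf '%s' "$2" | tr 'A-Z' 'a-z')" -v def="$3" '
        /^[[:space:]]*(#|$)/   { next }
        tolower($1) == "match" { exit }
        tolower($1) == key     { print tolower($2); found = 1; exit }
        END { if (!found) print tolower(def) }
    ' "$1"
}

# Print one line per finding; return 0 only when the config is key-only.
audit_sshd_config() {
    f="$1"; rc=0
    [ "$(sshd_effective "$f" PasswordAuthentication yes)" = no ] ||
        { echo "$f: PasswordAuthentication is not 'no'"; rc=1; }
    # 'no' is strictest; prohibit-password (older spelling: without-password)
    # still refuses root password logins, so both count as "no root login".
    case "$(sshd_effective "$f" PermitRootLogin yes)" in
        no|prohibit-password|without-password) ;;
        *) echo "$f: PermitRootLogin allows root password login"; rc=1 ;;
    esac
    [ "$(sshd_effective "$f" PubkeyAuthentication yes)" = yes ] ||
        { echo "$f: PubkeyAuthentication is off; keys will not work"; rc=1; }
    # Caveat: with UsePAM yes, keyboard-interactive (challenge-response)
    # authentication goes through PAM and can still prompt for the Unix
    # password even though PasswordAuthentication is no. Newer OpenSSH calls
    # the directive KbdInteractiveAuthentication; the older name is accepted
    # as an alias, so the newer name is checked with the older as fallback.
    if [ "$(sshd_effective "$f" UsePAM no)" = yes ]; then
        cr=$(sshd_effective "$f" ChallengeResponseAuthentication yes)
        kb=$(sshd_effective "$f" KbdInteractiveAuthentication "$cr")
        [ "$kb" = no ] ||
            { echo "$f: keyboard-interactive auth still enabled under PAM"; rc=1; }
    fi
    return $rc
}

# Constructed sample configs: a distro-style default and a hardened one.
# Prints the directory they were written to.
write_samples() {
    dir=$(mktemp -d)
    cat >"$dir/weak" <<'EOF'
# distro-style default: password login is still on (the line is commented out)
Port 22
PermitRootLogin yes
#PasswordAuthentication no
ChallengeResponseAuthentication yes
UsePAM yes
EOF
    cat >"$dir/hardened" <<'EOF'
Port 22
PermitRootLogin no
PubkeyAuthentication yes
PasswordAuthentication no
ChallengeResponseAuthentication no
KbdInteractiveAuthentication no
UsePAM yes
EOF
    echo "$dir"
}

# Usage: sh audit-sshd.sh /etc/ssh/sshd_config
# With no argument, audit the two constructed samples instead.
if [ $# -gt 0 ]; then
    audit_sshd_config "$1"
else
    d=$(write_samples)
    for c in "$d/weak" "$d/hardened"; do
        audit_sshd_config "$c" && echo "$c: ok"
    done
    rm -rf "$d"
fi
```

On a live server, `sshd -T` prints the fully resolved configuration (Match blocks included) and is the authoritative check; the parser above is for auditing config files offline, for example before handing a VPS image to a customer. Note that the sample 'weak' config fails three ways: the PasswordAuthentication line is commented out so the default (yes) applies, root may log in with a password, and PAM keyboard-interactive is still on.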