You are directed here because
your node was detected to have offered password authentication or
public key authentication for the SSH server service. This is in
violation of the FNAL
Authentication policy. All nodes offering this SSH
service must utilize Kerberos authentication. While your SSH
configuration may be configured to use Kerberos, it is also configured
to fall back to a less secure Password or other unapproved
authentication method. This permits attackers to attempt to brute-force
users and passwords to gain unauthorized access to your system or
otherwise access your system using non-centrally managed user
To remediate this event, you can:
In addition, if you are using SSHv1, you should upgrade to SSHv2. Also, if you do not require general inbound SSH access, you should implement host based controls (such as IPTABLES) to prevent unwanted access attempts. If you are unsure as how to reconfigure your SSHD service or how to apply host based controls, please contact the Fermilab Service Desk or your local system administrator.
After applying one of the methods above, please visit the URL in the email notice you received to close the event.
For assistance contact firstname.lastname@example.org.