
Securing access to your server

Kasia brings up a couple of good points in her blog entry Secure access to your server checklist.

With the recent increase of break-in attempts via ssh, here's a little checklist of making sure your server is as secure as you can make it while still being able to access it from the outside. Read more.

Under FreeBSD, to lock an account type pw lock username, which puts some extra text in the password field, preventing ssh or console login using that username.

Using chsh you can change a user's shell. For example, to change a user's shell to /sbin/nologin, use chsh -s /sbin/nologin username.

If you see increasing failed login attempts in your logfiles, you can start firewalling port 22 traffic, allowing it only from the networks you might need SSH access from, such as your work LAN:

ipfw add 400 allow tcp from x.x.x.x/24 to y.y.y.y 22 in via fxp0 setup
ipfw add 401 allow tcp from z.z.z.z/29 to y.y.y.y 22 in via fxp0 setup
ipfw add 499 deny tcp from any to any 22 in via fxp0 setup

man ipfw is your friend when working out firewall rules.
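
To judge whether failed logins are increasing, and from which sources, the sshd failures in the log can be tallied per source address. The script below is an added example, not part of the original post; it assumes the FreeBSD /var/log/auth.log line format, and the function names and sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: tally failed sshd password attempts per source address.

# Constructed sample lines in FreeBSD auth.log style (documentation addresses).
sample_log() {
cat <<'EOF'
Mar  3 04:12:01 host sshd[1201]: Failed password for root from 203.0.113.7 port 51236 ssh2
Mar  3 04:12:03 host sshd[1203]: Invalid user admin from 203.0.113.7
Mar  3 04:12:03 host sshd[1203]: Failed password for invalid user admin from 203.0.113.7 port 51240 ssh2
Mar  3 04:12:09 host last message repeated 2 times
Mar  3 04:15:44 host sshd[1300]: Accepted publickey for alice from 192.0.2.10 port 50022 ssh2
Mar  3 04:20:10 host sshd[1411]: Failed password for invalid user from from 198.51.100.20 port 40100 ssh2
Mar  3 04:21:10 host su: BAD SU bob to root on /dev/ttyp0
EOF
}

# Reads log lines on stdin, prints "count address", highest count first.
failed_ssh_by_source() {
    awk '
    # The user name is supplied by the remote side, so take the address from the
    # fixed "from ADDR port N ssh2" suffix that sshd appends, not the first "from".
    / sshd\[[0-9]+\]: Failed password for / && $(NF-2) == "port" && $(NF-4) == "from" {
        last = $(NF-3); count[last]++; next
    }
    # Assumption: syslogd folds duplicates into "last message repeated N times".
    / last message repeated [0-9]+ times$/ && last != "" {
        count[last] += $(NF-1); next
    }
    { last = "" }
    END { for (ip in count) print count[ip], ip }
    ' | sort -k1,1nr -k2,2
}

# Prints only the addresses with at least $1 failures.
noisy_sources() {
    failed_ssh_by_source | awk -v min="$1" '$1 >= min { print $2 }'
}

# Demo on the constructed sample; on a real host: failed_ssh_by_source < /var/log/auth.log
sample_log | failed_ssh_by_source
```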