[Gllug] ssh brute force attacks
Jose Luis Martinez
jjllmmss at googlemail.com
Tue Dec 9 05:09:13 UTC 2008
2008/12/8 Nix <nix at esperi.org.uk>:
> On 8 Dec 2008, Hari Sekhon said:
>> 1) You still end up with lots of garbage in your logs from failed
>> attempts by not preventing attempts
>
> Ooh dear. Use a decent syslogd like syslog-ng to filter them out.
>
>> 2) You may need to use passwords at some time, because not everyone will
>> have keys or can be trusted to properly secure their keys etc...
>
> If someone doesn't have a key, give him one. If he won't accept one, he
> can't log in. It's that simple. Not everyone can be trusted to secure
> their keys? Then passphrase them: if they can't keep the passphrase
> secure, then they can't keep their passwords secure either.
Or use tokens. There are many solutions out there and nowadays they
provide PAM modules to work with SSH.
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list