[Gllug] ssh brute force attacks

Jose Luis Martinez jjllmmss at googlemail.com
Tue Dec 9 05:09:13 UTC 2008


2008/12/8 Nix <nix at esperi.org.uk>:
> On 8 Dec 2008, Hari Sekhon said:
>> 1) You still end up with lots of garbage in your logs from failed
>> attempts by not preventing attempts
>
> Ooh dear. Use a decent syslogd like syslog-ng to filter them out.
>
>> 2) You may need to use passwords at some time, because not everyone will
>> have keys or can be trusted to properly secure their keys etc...
>
> If someone doesn't have a key, give him one. If he won't accept one, he
> can't log in. It's that simple. Not everyone can be trusted to secure
> their keys? Then passphrase them: if they can't keep the passphrase
> secure, then they can't keep their passwords secure either.

Or use tokens. There are many solutions out there and nowadays they
provide PAM modules to work with SSH.
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug




More information about the GLLUG mailing list