[Gllug] ssh brute force attacks

Nix nix at esperi.org.uk
Mon Dec 8 23:58:11 UTC 2008


On 8 Dec 2008, Hari Sekhon said:
> 1) You still end up with lots of garbage in your logs from failed 
> attempts by not preventing attempts

Ooh dear. Use a decent syslogd like syslog-ng to filter them out.

> 2) You may need to use passwords at some time, because not everyone will 
> have keys or can be trusted to properly secure their keys etc...

If someone doesn't have a key, give him one. If he won't accept one, he
can't log in. It's that simple. Not everyone can be trusted to secure
their keys? Then passphrase them: if they can't keep the passphrase
secure, then they can't keep their passwords secure either.
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug




More information about the GLLUG mailing list