[Gllug] ssh brute force attacks
Nix
nix at esperi.org.uk
Mon Dec 8 23:58:11 UTC 2008
On 8 Dec 2008, Hari Sekhon said:
> 1) You still end up with lots of garbage in your logs from failed
> attempts by not preventing attempts
Ooh dear. Use a decent syslogd like syslog-ng to filter them out.
> 2) You may need to use passwords at some time, because not everyone will
> have keys or can be trusted to properly secure their keys etc...
If someone doesn't have a key, give him one. If he won't accept one, he
can't log in. It's that simple. Not everyone can be trusted to secure
their keys? Then passphrase them: if they can't keep the passphrase
secure, then they can't keep their passwords secure either.
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list