Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- linux ssh security defaults
December 8, 2007, 11:54 am
rate this thread
should default for example to allow at first 30 logins within 10
minutes or so and then if that is exceeded allow only 1 per minute for
next hour or so
Don't know if this is right place to complain but i don't think
current defaults are good enough as they are!!! Only 6.5536 * 10^12
variations in any good 8 charcters long password made out of only
lowercase letters and numbers. It's absolutely possible to crack that
with just brute force.
Re: linux ssh security defaults
I prefer to utilize
And configure a firewall to ban and tarpit any individual host that
attempts to create more than N new port 22 connections in a 60
second period (where N is some small number like 3 or 4)
Disabling password based auth and using public keys is fine for
protecting hosts configured that way.
But it does nothing to combat log spam, or dumb brute forcers repeatedly
attempting to autenticate (even though the attempt will definitely fail)
- » ssh on command line: force using a group size (prime size) of 1024 (and no...
- — Newest thread in » Secure Shell Forum