linux ssh security defaults

To prevent brute force attacks I think that Linux ssh, etc. services
should default, for example, to allowing at first 30 logins within 10
minutes or so, and then if that is exceeded allowing only 1 per minute for
the next hour or so.

Don't know if this is the right place to complain, but I don't think the
current defaults are good enough as they are!!! Only 6.5536 * 10^12
variations in any good 8-character-long password made out of only
lowercase letters and numbers. It's absolutely possible to crack that
with just brute force.

Re: linux ssh security defaults

On Dec 8, 4:54 am, wrote:

Try public key auth.

Re: linux ssh security defaults

I prefer to utilize
MaxAuthTries 3

And configure a firewall to ban and tarpit any individual host that
attempts to create more than N new port 22 connections in a 60
second period (where N is some small number like 3 or 4).

Disabling password based auth and using public keys is fine for
protecting hosts configured that way.

But it does nothing to combat log spam, or dumb brute forcers repeatedly
attempting to authenticate (even though the attempt will definitely fail).
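The two rate-limiting policies in this thread (the original post's "30 logins in 10 minutes, then 1 per minute for an hour", and the reply's "ban a host that opens more than N port 22 connections in 60 seconds") are both sliding-window counters keyed on source address. The script below, an added example written for this page rather than code posted by anyone in the thread, evaluates both policies over a handful of constructed sshd auth.log lines so the difference in behaviour can be seen. The log lines, the RFC 5737 addresses in them and the assumed year used to turn syslog timestamps into seconds are all made up for the example; in practice the connection-ban policy is enforced in the firewall (iptables `-m recent` or fail2ban on Linux), not in a log parser.

```python
"""Sliding-window rate limits for SSH login attempts, evaluated over sshd log lines.

Added example, not code from the thread.  Two policies:
  burst_then_throttle: first BURST attempts per source in WINDOW seconds pass,
      then one attempt per SLOW_INTERVAL seconds for SLOW_DURATION seconds.
  connection_ban: a source making more than N attempts in WINDOW seconds is
      banned for BAN_SECONDS (the firewall rule described in the reply above).
"""
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample auth.log lines (not real traffic; RFC 5737 addresses).
SAMPLE_LOG = """\
Dec  8 04:50:01 host sshd[1001]: Failed password for root from 203.0.113.5 port 40001 ssh2
Dec  8 04:50:02 host sshd[1002]: Failed password for root from 203.0.113.5 port 40002 ssh2
Dec  8 04:50:03 host sshd[1003]: Failed password for root from 203.0.113.5 port 40003 ssh2
Dec  8 04:50:04 host sshd[1004]: Failed password for invalid user admin from 203.0.113.5 port 40004 ssh2
Dec  8 04:50:30 host sshd[1005]: Accepted publickey for alice from 198.51.100.7 port 50001 ssh2
Dec  8 04:52:00 host sshd[1006]: Failed password for bob from 198.51.100.7 port 50002 ssh2
"""

LOG_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed password|Accepted \w+) for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<src>\S+) port (?P<port>\d+)"
)

# Syslog timestamps carry no year; an assumed fixed year is enough for deltas.
EPOCH = datetime(2024, 1, 1)


def parse_log(text):
    """Return time-ordered (seconds, src, user, result) tuples for sshd auth lines."""
    events = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # unrelated sshd/syslog line
        when = datetime.strptime(m["ts"], "%b %d %H:%M:%S").replace(year=EPOCH.year)
        events.append(((when - EPOCH).total_seconds(), m["src"], m["user"], m["result"]))
    return sorted(events)


def burst_then_throttle(events, burst=30, window=600, slow_interval=60, slow_duration=3600):
    """Per-event decision 'allow' or 'throttle' under the original poster's policy.

    Every authentication attempt (success or failure) counts.  Once a source
    has used its burst within the window it is throttled to one attempt per
    slow_interval seconds until slow_duration seconds have passed.
    """
    allowed_times = defaultdict(deque)  # src -> times of allowed attempts in window
    slow_until = {}                     # src -> time at which throttling ends
    last_allowed = {}                   # src -> time of last allowed attempt
    decisions = []
    for t, src, _user, _result in events:
        q = allowed_times[src]
        while q and t - q[0] > window:
            q.popleft()
        if src in slow_until and t < slow_until[src]:
            ok = t - last_allowed.get(src, float("-inf")) >= slow_interval
        elif len(q) >= burst:
            slow_until[src] = t + slow_duration  # burst exhausted: enter slow mode
            ok = False
        else:
            ok = True
        if ok:
            q.append(t)
            last_allowed[src] = t
        decisions.append((t, src, "allow" if ok else "throttle"))
    return decisions


def connection_ban(events, n=3, window=60, ban_seconds=3600):
    """Return {src: ban_start_time} for sources exceeding n attempts in window seconds.

    Attempts arriving while a source is banned are ignored, as the firewall
    would drop or tarpit the connection before sshd ever logs it.
    """
    recent = defaultdict(deque)
    bans = {}
    for t, src, _user, _result in events:
        if src in bans and t < bans[src] + ban_seconds:
            continue
        q = recent[src]
        q.append(t)
        while q and t - q[0] > window:
            q.popleft()
        if len(q) > n:
            bans[src] = t
    return bans


if __name__ == "__main__":
    evs = parse_log(SAMPLE_LOG)
    for t, src, decision in burst_then_throttle(evs, burst=3):
        print(f"{t:8.0f}s {src:15} {decision}")
    print("banned:", connection_ban(evs, n=3))
```

With the defaults the first policy matches the original post (30 attempts per 10 minutes, then 1 per minute for an hour); the `__main__` block lowers `burst` to 3 so the throttle is visible on the short sample. Note that under the connection-ban policy the legitimate key-based login from 198.51.100.7 is never affected, while 203.0.113.5 is banned on its fourth connection inside the window.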

