1 |
On Tue, Jan 20, 2009 at 5:47 PM, Etaoin Shrdlu <shrdlu@×××××××××××××.org> wrote: |
2 |
> On Tuesday 20 January 2009, 22:33, Paul Hartman wrote: |
3 |
>> Hi, |
4 |
>> |
5 |
>> After setting up public key authentication i changed my sshd back to |
6 |
>> port 22 and got the expected bombardment of connection attempts. |
7 |
>> However, it doesn't seem to ever stop them. I'm using sshd with this |
8 |
>> setting: |
9 |
>> |
10 |
>> MaxAuthTries 3 |
11 |
>> |
12 |
>> in my /etc/ssh/sshd_config |
13 |
>> |
14 |
>> So, why does it allow unlimited failed login attempts? For example, as |
15 |
>> I write this I'm seeing this in my logs: |
16 |
>> |
17 |
>> Jan 20 14:54:38 [sshd] Invalid user ejin from 72.70.42.36 |
18 |
>> Jan 20 14:54:39 [sshd] Invalid user core from 72.70.42.36 |
19 |
>> [cut] |
20 |
> |
21 |
> What MaxAuthTries does is just start logging the failed attempts when |
22 |
> they reach ( value / 2 ). |
23 |
> |
24 |
> MaxAuthTries |
25 |
> Specifies the maximum number of authentication attempts |
26 |
> permitted per connection. Once the number of failures |
27 |
> reaches half this value, additional failures are logged. |
28 |
> The default is 6. |
29 |
|
30 |
Hi, |
31 |
|
32 |
I use this |
33 |
|
34 |
http://www.go2linux.org/fail2ban-secure-linux-services-from-brute-forces-attacks |
35 |
|
36 |
or this |
37 |
|
38 |
http://www.go2linux.org/denyhosts-secure-your-linux-against-dictionary-attacks |
39 |
|
40 |
you may also want to read this: |
41 |
|
42 |
http://www.go2linux.org/disable-ssh-root-direct-login |
43 |
> |
44 |
> |
45 |
> |
46 |
> |
47 |
|
48 |
|
49 |
|
50 |
-- |
51 |
Guillermo Garron |
52 |
"Linux IS user friendly... It's just selective about who its friends are." |
53 |
(Using Ubuntu, Debian, Gentoo) |
54 |
http://feeds.feedburner.com/go2linux |
55 |
http://www.go2linux.org |