1 |
On Sunday 15 November 2009 08:21:55 Walter Dnes wrote: |
2 |
> On Sat, Nov 14, 2009 at 07:07:28PM -0500, Richard Marza wrote |
3 |
> |
4 |
> > Thank you for the information, I did find that denyhost and fail2ban in |
5 |
> > threads but there were issues with it not working properly. Some users |
6 |
> > created custom scripts to get the job done correctly. |
7 |
> |
8 |
> Have you considered not allowing password-based logins at all for ssh? |
9 |
> Use RSA keys instead. It's much easier, and much more secure. |
10 |
|
11 |
fail2ban and/or denyhosts is still very useful with key-only auth, even if |
12 |
only to get the spam out of messages and into the iptables logs |
13 |
|
14 |
|
15 |
-- |
16 |
alan dot mckinnon at gmail dot com |