1 |
On Aug 2, 2005, at 9:18 PM, Raphael Melo de Oliveira Bastos Sales wrote: |
2 |
|
3 |
> Hey Colin, |
4 |
> |
5 |
> I was looking at the /etc/ssh/sshd_config file and found these: |
6 |
> |
7 |
> LoginGraceTime 600 |
8 |
> MaxAuthTries 6 |
9 |
> |
10 |
> Is the first one what you meant? |
11 |
> |
12 |
> The second seems like an attempt to avoid brute force login. |
13 |
> |
14 |
|
15 |
Neither is what I was thinking of, but they're quite similar. |
16 |
LoginGraceTime means if nobody logged in within 10 minutes of the |
17 |
connection being opened, then it will be closed. I don't know |
18 |
exactly what MaxAuthTries does, but I imagine after the sixth invalid |
19 |
login, the connection would be closed. |
20 |
|
21 |
I found this site, check it out. It's for Red Hat (Gentoo is |
22 |
better!), but it's the same SSHd: |
23 |
http://www.faqs.org/docs/securing/chap15sec122.html |
24 |
|
25 |
|
26 |
> Also, does Grub need any kind of password protection? I don't know if |
27 |
> it was Grub or Lilo that allowed root access unless password |
28 |
> protected. Am I mistaken? |
29 |
|
30 |
GRUB does have some password protection, but it is optional and only |
31 |
needed IIRC if you want to boot something other than the default entry. |
32 |
|
33 |
> As you can see, I still have a lot to learn. ;) |
34 |
|
35 |
Me too. I'm waiting for some more hardware to arrive before I |
36 |
connect this server to the networks (it's primarily a NAT gateway |
37 |
with iptables, but also *for the LAN, not the Internet* runs Apache, |
38 |
ProFTPd, SSHd and rsyncd for Portage). |
39 |
-- |
40 |
Colin |
41 |
-- |
42 |
gentoo-user@g.o mailing list |