Re: bruteforce ssh
From: Wolfgang Meiners (WolfgangMeiners01_at_web.de)
Date: 10/27/05
- Next message: Ron Croonenberg: "ssh on OpenSSI/FC2 and afs"
- Previous message: Todd H.: "Re: Putty: Network error: No route to host"
- In reply to: David: "Re: bruteforce ssh"
- Next in thread: Ertugrul Soeylemez: "Re: bruteforce ssh"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 27 Oct 2005 18:26:59 +0200
Hello,
if have encountered the problem of bruteforce ssh attacks in my logfiles
too. I had the following idea to solve this
David wrote:
> On my ssh server I use non-standard user names, deny root login, and use
> strong passwords, which will keep the automated-dictionary-list script
> kiddes out.
strong passwords is a point, that i can not guarantee. But i can permit
password authentication and only allow public key authentication. I
simply set
PathwordAuthentication no
PermitEmptyPasswords no
UsePAM no
in my /etc/ssh/sshd_config.
> If you're really paranoid look at the AllowUsers option in
> sshd_config to only allow certain users.
I found no information about this in the /etc/ssh/sshd_config, but i
think this is a further good idea.
Maybe, someone can tell me, if there is a configuration problem, i did
not see
Wolfgang
- Next message: Ron Croonenberg: "ssh on OpenSSI/FC2 and afs"
- Previous message: Todd H.: "Re: Putty: Network error: No route to host"
- In reply to: David: "Re: bruteforce ssh"
- Next in thread: Ertugrul Soeylemez: "Re: bruteforce ssh"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
