Limiting login ressources
Jakob Curdes
jc at info-systems.de
Wed Apr 13 05:32:49 EST 2005
Hello,
recently we experiance random login attempts with various user names
such as test,guest,admin,root,http etc pp. all from the same IP in a
short time. I observed this on different machines. We have limited
access to ssh to 2 or 3 users on all our boxes, so I do not really feel
a necessity to protect our machines better from misuse. Nevertheless I
think it would be good to block an IP address after the 3rd or so login
attempt with an illegal name or at least block an IP that tries to cycle
user names like a merry-go-round. I experimented a bit with options for
sshd like LoginGraceTime, MaxStartups but these do not really affect the
sshd behavior in the case mentioned above. I also looked into PAM and
tried to configure things there, but PAM is not really my daily
speciality. Is someone willing to explain to me how I can limit login
attempts via ssh? Is this related to UseLogin?
Yours,
Jakob Curdes
More information about the openssh-unix-dev
mailing list