SSHD Feature Request

Seann Herdejurgen seann at
Fri May 13 21:53:31 EST 2005

With the increased number of "brute force" login attempts against port 22, I am concerned that an intruder may actually stumble accross a valid user/pass combination.  To combat this, I would like to request an sshd_config option that would cause the running sshd parent process to keep track of login failures by IP address.  If there are more than X number of login failures for a particular IP address over a fixed period of time, simply deny login to all attempts after the first X tries.

While there is a possibility of creating a denial of service for a particular incoming IP address, one can workaround a temporarily blocked IP by attempting to login from a different IP address.  Most people have access to more than one.


Seann Herdejurgen
seann at

More information about the openssh-unix-dev mailing list