SSHD Feature Request
Seann Herdejurgen
seann at herdejurgen.com
Fri May 13 21:53:31 EST 2005
With the increased number of "brute force" login attempts against port 22, I am concerned that an intruder may actually stumble across a valid user/pass combination. To combat this, I would like to request an sshd_config option that would cause the running sshd parent process to keep track of login failures by IP address. If there are more than X number of login failures for a particular IP address over a fixed period of time, simply deny login to all attempts after the first X tries.
While there is a possibility of creating a denial of service for a particular incoming IP address, one can work around a temporarily blocked IP by attempting to log in from a different IP address. Most people have access to more than one.
Thoughts?
Regards,
Seann Herdejurgen
seann at herdejurgen.com
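
The per-IP limit proposed above, replayed over sshd-style log lines as an added example; it is not part of the original post and not OpenSSH code. The log lines are constructed, and the names `replay`, `max_failures` and `window_seconds` are hypothetical stand-ins for "X" and the "fixed period of time".

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample log lines (documentation IP ranges), not real data.
SAMPLE_LOG = """\
May 13 21:50:01 host sshd[101]: Failed password for root from 192.0.2.10 port 4001 ssh2
May 13 21:50:03 host sshd[102]: Failed password for invalid user admin from 192.0.2.10 port 4002 ssh2
May 13 21:50:04 host sshd[103]: Failed password for seann from 198.51.100.7 port 5001 ssh2
May 13 21:50:05 host sshd[104]: Failed password for root from 192.0.2.10 port 4003 ssh2
May 13 21:50:06 host sshd[105]: Failed password for root from 192.0.2.10 port 4004 ssh2
May 13 21:50:09 host sshd[106]: Accepted password for seann from 198.51.100.7 port 5002 ssh2
May 13 21:50:10 host sshd[107]: Accepted password for root from 192.0.2.10 port 4005 ssh2
May 13 22:05:00 host sshd[108]: Failed password for root from 192.0.2.10 port 4006 ssh2
""".splitlines()

LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ [\d:]{8}) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?\S+ "
    r"from (?P<ip>\S+) port \d+")

def replay(lines, max_failures=3, window_seconds=600, year=2005):
    """Return (denied, allowed) lists of (ip, timestamp) under the limit."""
    failures = defaultdict(deque)  # ip -> times of failures still in the window
    denied, allowed = [], []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        # Syslog timestamps carry no year, so one is assumed for parsing.
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        recent = failures[m["ip"]]
        # Expire failures that have aged out of the fixed period.
        while recent and (ts - recent[0]).total_seconds() > window_seconds:
            recent.popleft()
        if len(recent) >= max_failures:
            # Over the limit: refused before authentication, so even a
            # correct password from this address is not accepted.
            denied.append((m["ip"], ts))
            continue
        allowed.append((m["ip"], ts))
        if m["result"] == "Failed":
            recent.append(ts)
    return denied, allowed
```

With the defaults, the fourth and fifth attempts from 192.0.2.10 are refused, including the one that logged as accepted, while 198.51.100.7 is unaffected and 192.0.2.10 is allowed again once the window has passed.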