Limit number of connections per user?

Christian Iversen chrivers at iversen-net.dk
Fri Apr 16 22:05:55 EST 2010


On 2010-04-15 23:19, Scott Neugroschl wrote:
>>>>> because I have a customer who requested it?
>>>>>
>> Try to reach ot the reason he wants it. I guess he really wants a
>> program
>> which bans multiple unsuccessful login attempts. Not allowing Fred to
>> login
>> twice could be done with PAM, but it would be like shooting itself in
>> the foot.
>> The users will still be able to run many programs (or just a single
>> program
>> with an high load), and when their connection drops (as will happen if
>> they
>> are not all in the same intranet) and they retry they will discover
>> that
>> the
>> server hasn't noticed yet and they are locked out.
>
> [[SAN]] What I'm really looking for is what Francois mentioned -- a ban
> on simultaneous logins from multiple IPs.

Check out fail2ban. It will block hammering attempts.

And always try to figure out what the customers _really_ want ;-)

-- 
Med venlig hilsen
Christian Iversen


More information about the openssh-unix-dev mailing list