ssh wish list?
Steffen Nurpmeso
steffen at sdaoden.eu
Thu Oct 19 06:43:00 AEDT 2023
Chris Rapier wrote in
<98ef47a5-b8d3-4677-acb6-ed424627c820 at psc.edu>:
|I get that. We use fail2ban here because we've a number of ways people
|can connect to our systems so we needed something that was more
|flexible. It's also nice that it just bans the IP so it can't keep
|hammering the service.
|
|I think it depends on your use case. That said, I understand why some
|people might not want to use yet another process when all they are
|trying to do is ban people spamming your sshd process. No promises but
|we can look into it. I don't think the actually banning part would be
|all that hard. It's everything that goes along with it in terms of
|managing things and making sure it would be performant enough in high
|volume scenarios.
No need to look, blacklist now blocklist daemon of NetBSD and
FreeBSD already have the necessary patch.
--steffen
|
|Der Kragenbaer, The moon bear,
|der holt sich munter he cheerfully and one by one
|einen nach dem anderen runter wa.ks himself off
|(By Robert Gernhardt)
More information about the openssh-unix-dev
mailing list