[Bug 1049] Variable delay in password logins to fight dictionary attacks
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Fri Jun 3 12:21:19 EST 2005
http://bugzilla.mindrot.org/show_bug.cgi?id=1049
------- Additional Comments From dtucker at zip.com.au 2005-06-03 12:21 -------
BTW it can also be implemented in the underlying auth systems that sshd uses, eg
LinuxPAM has pam_fail_delay. See:
http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/pam_appl-3.html#the-failure-delay-function
and for a way to set this in the PAM config files:
http://www.zip.com.au/~dtucker/patches/pam_faildelay.c
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the openssh-bugs
mailing list