[CentOS] How to delay failed ssh auth
Karanbir Singh
mail-lists at karan.orgFri Nov 28 16:21:29 UTC 2008
- Previous message: [CentOS] How to delay failed ssh auth
- Next message: [CentOS] Can't adjust the brightness under CentOS 5.2
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Veiko Kukk wrote: > I need to delay failed ssh password authentication as an additional > measure against brute force ssh attacks. I understand, that shoud be > accomplished through pam, but googling gave me no example. I have CentOS > 5.2. pam_sheild and pam_delay are both modules you can use for stuff like this, although I dont personally like either. If you get thousands of hits per hour, pam's internal response time gets slowed down, and its not insignificant unless you have exceptionally large machines. Same thing with log watchers including denyhosts / fail2ban etc, the overhead isnt really worth it, at the moment switching ports to something else non-standard works well, needs no extra s/w etc. - KB
- Previous message: [CentOS] How to delay failed ssh auth
- Next message: [CentOS] Can't adjust the brightness under CentOS 5.2
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list