On Fri, 2006-03-10 at 16:32 -0500, Chris Mauritz wrote:
> I'm not really a programmer and I recently came across this hack to insert a short sleep statement into auth-passwd.c within sshd. It seems to quickly confuse automated dictionary attacks. I've moved sshd to higher ports but apparently the cretins are now scanning to look for that and attacking on whatever port sshd shows up on.

I dealt with these attacks by only allowing PubkeyAuthentication.

    # Authentication types
    PubkeyAuthentication yes
    AuthorizedKeysFile .ssh/authorized_keys
    PasswordAuthentication no
    ChallengeResponseAuthentication no

This requires you to put your public key in .ssh/authorized_keys on remote servers. Make sure it's working before you set "PasswordAuthentication no" or you will lock yourself out.
-David
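
An added example, not part of the original message: a shell check that reads the global section of an sshd_config and reports whether the key-only settings quoted above are actually in effect. The function names and the two sample files are constructed for illustration, and an absent keyword is assumed to fall back to OpenSSH's default of "yes".

```shell
#!/bin/sh
# Print the effective global value of keyword $2 in config file $1.
# sshd uses the first value it obtains for a keyword; parsing stops at the
# first Match line, since Match blocks are conditional overrides.
effective_value() {
    awk -v want="$2" '
        { sub(/#.*/, "") }                       # strip comments
        NF == 0 { next }                         # skip blank lines
        tolower($1) == "match" { exit }
        tolower($1) == tolower(want) { print tolower($2); exit }
    ' "$1"
}

# Return 0 only if pubkey auth is on and both password paths are off.
# Assumption: a keyword that is absent takes the default value "yes".
audit_config() {
    rc=0
    for pair in PubkeyAuthentication:yes PasswordAuthentication:no \
                ChallengeResponseAuthentication:no; do
        key=${pair%%:*}; expected=${pair##*:}
        actual=$(effective_value "$1" "$key")
        actual=${actual:-yes}
        if [ "$actual" != "$expected" ]; then
            echo "FAIL $key is $actual, expected $expected"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample configs (not taken from a real server).
tmpdir=$(mktemp -d)
cat > "$tmpdir/hardened" <<'EOF'
# Authentication types
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
PasswordAuthentication no
ChallengeResponseAuthentication no
EOF
cat > "$tmpdir/shadowed" <<'EOF'
PasswordAuthentication yes
# this later line is ignored: the first value wins
PasswordAuthentication no
ChallengeResponseAuthentication no
EOF
audit_config "$tmpdir/hardened" && echo "hardened: OK"
audit_config "$tmpdir/shadowed" || echo "shadowed: password logins still enabled"
```

On a live server, `sshd -T` prints the configuration sshd actually resolves, including defaults, and is the authoritative check.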