[CentOS-docs] Securing SSH --> Change ports
Karsten Wade
kwade at redhat.com
Fri Oct 3 05:49:30 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 10/02/2014 09:11 PM, Manuel Wolfshant wrote:
> Incidentally I am a fan of using iptables (recent match) to limit
> the number of admissible attempts from any given IP to connect to
> sshd ( yes, I know, it has nothing to do with the initial concern
> you raised )
FWIW, I think this is an equally fair approach, in that e.g. a dozen
attempts makes sense to block against -- if a user has 12 failed
attempts, they are misremembering their password and need to do a
recovery via another sysadmin.
Honestly probably a better approach than STO via changing to
unassigned privileged port.
- --
Karsten 'quaid' Wade .^\ CentOS Doer of Stuff
http://TheOpenSourceWay.org \ http://community.redhat.com
@quaid (identi.ca/twitter/IRC) \v' gpg: AD0E0C41
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlQuOOoACgkQ2ZIOBq0ODEHWCACghGkJwVXG0Ke4yrs7nRF87BGF
X78AoJVdrzjm72+pyncl5GYe/CHkcPvc
=/F20
-----END PGP SIGNATURE-----
More information about the CentOS-docs
mailing list