[CentOS] ssh attack
Barry Brimer
barry.brimer at bigfoot.com
Mon Feb 13 23:12:48 UTC 2006
> I have 2 questions. One, is there anything you can do to stop these
> attempts, other than not running ssh?

I use a pam_listfile entry in /etc/pam.d/sshd that reads a file (mine is called /etc/sshusers). If the user requested to log in is not in the file, the authentication attempt is rejected. So, if I had a user named "bob" and someone managed to sniff "bob"'s password during a cleartext protocol authentication session, the user would not be able to log in to the ssh server if "bob" wasn't listed in the file. You can do the same with groups.

The main advantage of using this method over the AllowUsers method is that this file can be updated, and sshd does not have to be restarted to re-read the file.

You also might look into the pam_access module. I've used that on occasion as well.

Hope this helps.

Barry
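An added example, not part of the original message: a shell audit of the pam_listfile setup described above, run here against a constructed PAM file and user list. The rule options (item=user, sense=allow, onerr=fail), the user "alice" and the temporary paths are assumptions; only /etc/pam.d/sshd and /etc/sshusers come from the post.

```shell
#!/bin/sh
# Added example: audit a pam_listfile allow-list for sshd (works on copies or live files).

# Print the file= path of the first active auth rule that uses pam_listfile
# with item=user sense=allow onerr=fail; return 1 if no such rule exists.
listfile_path() {
    awk '$1 == "auth" && /pam_listfile\.so/ && /item=user/ &&
         /sense=allow/ && /onerr=fail/ {
             for (i = 1; i <= NF; i++)
                 if ($i ~ /^file=/) { print substr($i, 6); found = 1; exit }
         }
         END { exit(found ? 0 : 1) }' "$1"
}

# Succeed only if USER ($2) is a whole line in the list file ($1).
user_allowed() {
    grep -qxF -- "$2" "$1"
}

# Succeed only if the list is a regular file that is not world-writable
# (pam_listfile itself rejects the file otherwise).
list_is_safe() {
    [ -n "$(find "$1" -prune -type f ! -perm -002)" ]
}

# Constructed sample: a temporary PAM file and list mirroring the post's setup.
demo() {
    d=$(mktemp -d) || return 1
    printf 'alice\n' > "$d/sshusers"; chmod 644 "$d/sshusers"
    cat > "$d/sshd" <<EOF
#%PAM-1.0
auth required pam_listfile.so item=user sense=allow file=$d/sshusers onerr=fail
EOF
    list=$(listfile_path "$d/sshd") && echo "allow-list: $list"
    list_is_safe "$list" && echo "permissions ok"
    for u in alice bob; do
        if user_allowed "$list" "$u"; then echo "$u: may authenticate"
        else echo "$u: rejected"; fi
    done
    rm -rf "$d"
}
demo
```

On a real host, `listfile_path /etc/pam.d/sshd` returns the list in use, or fails if the rule is missing or lacks onerr=fail.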