sophana wrote: > using denyhosts is sufficient for me. After several password attempts, > it simply disables the ip address. > I now have 133 denied ips in /etc/hosts.deny > Of course, you have to make sure that you don't use simple passwords > I find it easier to deny all and then allow the very few who actually use ssh. But, this can get you into trouble if you suddenly find you need to shell in when out of town. A backdoor somewhere is a good idea! John Hinton