[CentOS] sshd hack

David Johnston david at littlebald.com
Sat Mar 11 15:20:16 UTC 2006

On Fri, 2006-03-10 at 16:32 -0500, Chris Mauritz wrote:
> I'm not really a programmer and I recently came across this hack to 
> insert a short sleep statement into auth-passwd.c within sshd.  It seems 
> to quickly confuse automated dictionary attacks.  I've moved sshd to 
> higher ports but apparently the cretins are now scanning to look for 
> that and attacking on whatever port sshd shows up on. 

I dealt with these attacks by only allowing PubkeyAuthentication.

 # Authentication types
PubkeyAuthentication yes
AuthorizedKeysFile      .ssh/authorized_keys
PasswordAuthentication no
ChallengeResponseAuthentication no

This requires you to put your public key in .ssh/authorized_keys on
remote servers.  Make sure it's working before you set
"PasswordAuthentication no" or you will lock yourself out.


More information about the CentOS mailing list