[CentOS] protecting multiuser systems from bruteforce ssh attacks
oliver at ransom.com.au
Fri Aug 21 01:42:35 UTC 2009
On 21/08/2009, at 5:44 AM, Eugene Vilensky wrote:
> What is the best way to protect multiuser systems from brute force
> attacks? I am setting up a relatively loose DenyHosts policy, but I
> like the idea of locking an account for a time if too many attempts
> are made, but to balance this with keeping the user from making a
> helpdesk call.
> What are some policies/techniques that have worked for this list with
> minimal hassle?
As an additional question to the above, would forcing users to log in
with SSH keys rather than passwords avoid requiring any anti brute
force attack measures to be put in place?
> CentOS mailing list
> CentOS at centos.org
More information about the CentOS