Mailinglist Archive: opensuse-security (409 mails)

< Previous Next >
Re: Automatically blacklist IP after multiple SSH login failures
  • From: Johannes Franken <jfranken@xxxxxxxxxxx>
  • Date: Thu, 8 Aug 2002 21:50:33 +0200
  • Message-id: <20020808195029.GM22483@xxxxxxxxxxx>
* Jeff Stewart <jstewart@xxxxxxxxxxxxxx> [2002-08-08 18:36 +0200]:
> I'd like to protect myself against dictionary or brute force login attacks.
> Is there a way within OpenSSH

Sure, get used to using RSA keys and put this to your
/etc/ssh/sshd_config then:

Protocol 2
RSAAuthentication yes
PasswordAuthentication no

> automatically blacklist an IP address after x number of failed login
> attempts?

that won't help, because the hacker can easily switch to another IP

Johannes Franken

Professional unix/network development

< Previous Next >
Follow Ups