From: "Matt Emmerton"
To: "'James Strother'"
Date: Mon, 19 Sep 2011 17:58:08 -0400
Subject: RE: limit number of ssh connections

Moving ssh to another port has solved the problem for me.
I had used sshguard in the past, but was always leery of locking myself out.

Regards,
Matt Emmerton

-----Original Message-----
From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of James Strother
Sent: Monday, September 19, 2011 5:47 PM
To: freebsd-questions@freebsd.org
Subject: Re: limit number of ssh connections

Wow, I'm glad I asked. This has been very helpful.

@Григорьев Александр
Thanks for the tip on inetd, that looks like it might just do the trick.

@Paul Macdonald
My main reason for looking into this was glancing through the logs on a server I just put online and seeing large numbers of unauthorized login attempts. Everything so far is highly unsophisticated, but it did make me start to really think about the issue. I might put ssh onto a different port, that would at least stop the sort of fishing I am currently seeing. It's not clear if that would be "good enough."

@Damien Fleuriot
Have you had success with sshguard? Installed it from ports, but then I couldn't quite figure out how to configure it. To be honest, I didn't give it much of a chance before I moved on to the next thing, so if you've had good luck then I should probably give it another shot.

I did flip through sshd_config, but as far as I can tell it is only possible to limit the number of concurrent connections. It might take a little longer, but I'm concerned it would still allow a malicious individual to sequentially brute-force a password.

Thanks for all the responses.

_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
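
The last message worries that a cap on concurrent connections does not slow one-at-a-time password guessing; the measure that does catch it is failed logins per source address over time. The following is an added example, not part of the thread and not sshguard's code: the log lines are constructed, and the threshold of 4 failures and the one-minute window are assumed values.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in the usual OpenSSH syslog format (not from the thread).
SAMPLE_LOG = """\
Sep 19 17:01:02 host sshd[1201]: Failed password for invalid user admin from 203.0.113.5 port 51001 ssh2
Sep 19 17:01:09 host sshd[1203]: Failed password for root from 203.0.113.5 port 51007 ssh2
Sep 19 17:01:15 host sshd[1205]: Failed password for invalid user test from 203.0.113.5 port 51012 ssh2
Sep 19 17:01:20 host sshd[1206]: Failed password for james from 198.51.100.7 port 40222 ssh2
Sep 19 17:01:22 host sshd[1207]: Failed password for root from 203.0.113.5 port 51019 ssh2
Sep 19 17:01:31 host sshd[1209]: Failed password for invalid user oracle from 203.0.113.5 port 51025 ssh2
Sep 19 17:01:40 host sshd[1206]: Accepted password for james from 198.51.100.7 port 40222 ssh2
Sep 19 17:09:58 host sshd[1290]: Failed password for root from 203.0.113.5 port 51300 ssh2
""".splitlines()

FAILED = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?\S+ from (\S+) port \d+"
)

def parse_failures(lines, year=2011):
    """Yield (timestamp, source_ip) for each failed password attempt."""
    for line in lines:
        m = FAILED.match(line)
        if m:
            # syslog timestamps omit the year, so the caller supplies it
            ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            yield ts, m.group(2)

def noisy_sources(events, max_failures=4, window=timedelta(minutes=1)):
    """Return {ip: peak failures inside any one window} for sources above the limit."""
    recent = defaultdict(deque)   # per-source timestamps still inside the window
    peak = defaultdict(int)
    for ts, ip in sorted(events):
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window:
            q.popleft()
        peak[ip] = max(peak[ip], len(q))
    return {ip: n for ip, n in peak.items() if n > max_failures}

if __name__ == "__main__":
    for ip, n in noisy_sources(parse_failures(SAMPLE_LOG)).items():
        print(f"{ip}: {n} failed logins within one minute")
```

Every attempt from 203.0.113.5 in the sample uses its own short-lived connection, so a concurrency limit never trips, while the windowed count flags it; the user who mistypes once and then logs in is not flagged.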