Date: Sat, 13 Nov 2004 07:55:34 -0600 From: "Kevin D. Kinsey, DaleCo, S.P." <kdk@daleco.biz> To: dave <dmehler26@woh.rr.com> Cc: freebsd-questions@freebsd.org Subject: Re: limiting ssh logins Message-ID: <41961256.5050309@daleco.biz> In-Reply-To: <000501c4c934$21a46200$0200a8c0@satellite> References: <000501c4c934$21a46200$0200a8c0@satellite>
index | next in thread | previous in thread | raw e-mail
dave wrote:
>Hello,
> I'm wondering if it's possible to use pam or perhaps tcp_wrappers to
>limit how many ssh logins can be atempted? I'd like to kick off a user who
>tries to log in repeatedly with the wrong password or tries x times within a
>minute, my purpose is to slow down hacking atempts in situations where
>public key authentication is not possible.
>Thanks.
>Dave.
>
>
>
# man login.conf | grep -A 5 -B 5 retries
login_prompt string The login prompt given by login(1)
login-backoff number 3 The number of login attempts
allowed
before the backoff delay is
inserted
after each subsequent attempt.
login-retries number 10 The number of login attempts
allowed
before the login fails.
passwd_format string md5 The encryption format that new or
changed passwords will use. Valid
values include "des", "md5" and
"blf". NIS clients using a
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?41961256.5050309>