From owner-freebsd-questions@FreeBSD.ORG Tue May 6 21:54:02 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C269E1065671 for ; Tue, 6 May 2008 21:54:02 +0000 (UTC) (envelope-from cpghost@cordula.ws) Received: from fw.farid-hajji.net (fw.farid-hajji.net [213.146.115.42]) by mx1.freebsd.org (Postfix) with ESMTP id 545F08FC1B for ; Tue, 6 May 2008 21:54:02 +0000 (UTC) (envelope-from cpghost@cordula.ws) Received: from epia-2.farid-hajji.net (epia-2 [192.168.254.11]) by fw.farid-hajji.net (Postfix) with ESMTP id 80DBE34A62; Tue, 6 May 2008 23:53:59 +0200 (CEST) Date: Tue, 6 May 2008 23:53:57 +0200 From: cpghost To: Gilles Message-ID: <20080506235357.0616fd9c@epia-2.farid-hajji.net> In-Reply-To: References: Organization: Cordula's Web X-Mailer: Claws Mail 3.4.0 (GTK+ 2.12.9; i386-portbld-freebsd7.0) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: freebsd-questions@freebsd.org Subject: Re: [SSHd] Increasing wait time? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 May 2008 21:54:02 -0000 On Tue, 06 May 2008 19:11:45 +0200 Gilles wrote: > Is there a way to configure SSHd, so that the wait time between login > attempts increases after X failed tries? It shouldn't be too hard to patch /usr/src/crypto/openssh/sshd.c:server_accept_loop() by adding code for per-IP truncated binary exponential backoff algorithm just before forking a child once a connection is accept(2)ed. It's strange that it hasn't already been done, being such an obvious and useful addition. ;) > Thank you. -- Cordula's Web. http://www.cordula.ws/