Date: Mon, 19 Sep 2011 17:47:01 -0400 From: James Strother <jstrother9109@gmail.com> To: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Subject: Re: limit number of ssh connections Message-ID: <CAAOvGP09epGmL%2BqKShMrv5QKkKGDeFD4n-dz8TxZF_kGs1HfRQ@mail.gmail.com> In-Reply-To: <C68AA406-8C5B-4F32-984C-EF07D5445FCB@my.gd> References: <CAAOvGP2Gj0=ZAYZn2KZYUa3NTCHVtUdtQqHumM1D5Ea26dzPrQ@mail.gmail.com> <946851316461449@web97.yandex.ru> <CAAOvGP3uPgcA2L%2B3%2BaLuAkyy3m72L3fxeDbt67gF1iC2xPMitQ@mail.gmail.com> <C68AA406-8C5B-4F32-984C-EF07D5445FCB@my.gd>
next in thread | previous in thread | raw e-mail | index | archive | help
Wow, I'm glad I asked. This has been very helpful. @=E7=D2=C9=C7=CF=D2=D8=C5=D7 =E1=CC=C5=CB=D3=C1=CE=C4=D2 Thanks for the tip on inetd, that looks like it might just do the trick. @Paul Macdonald My main reason for looking into this was glancing through the logs on a server I just put online and seeing large numbers of unauthorized login attempts. Everything so far is highly unsophisticated, but it did make me start to really think about the issue. I might put ssh onto a different port, that would at least stop the sort of fishing I am currently seeing. It's not clear if that would be "good enough." @Damien Fleuriot Have you had success with sshguard? Installed it from ports, but then I couldn't quite figure out how to configure it. To be honest, I didn't give it much of a chance before I moved on to the next thing, so if you've had good luck then I should probably give it another shot. I did flip through sshd_config, but as far as I can tell it is only possible to limit the number of concurrent connections. It might take a little longer, but I'm concerned it would still allow a malicious individual to sequentially brute-force a password. Thanks for all the responses.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAAOvGP09epGmL%2BqKShMrv5QKkKGDeFD4n-dz8TxZF_kGs1HfRQ>