Date: Fri, 8 Oct 2004 09:24:54 +0200 From: Dennis Koegel <amf@hobbit.neveragain.de> To: Luke <luked@pobox.com> Cc: freebsd-questions@freebsd.org Subject: Re: Protecting SSH from brute force attacks Message-ID: <20041008072454.GB16547@neveragain.de> In-Reply-To: <Pine.NEB.4.60.0410071514530.27025@mx.freeshell.org> References: <Pine.NEB.4.60.0410071514530.27025@mx.freeshell.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, On Thu, Oct 07, 2004 at 03:15:25PM -0700, Luke wrote: > There are several script kiddies out there hitting my SSH server every > day. Sometimes they attempt to brute-force their way in trying new > logins every second or so for hours at a time. Given enough time, I fear > they will eventually get in. Apart from what was already noted here it may be a good idea to not use PasswordAuthentication at all, you can disable it in the sshd_config. Personally preferred solution would be public key authentication, but there are other options as well. No passwords used -> no passwords can be brute-forced. HTH, - D.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041008072454.GB16547>