On Sat, 2011-11-12 at 04:03 -0700, T.C. Hollingsworth wrote: > On Sat, Nov 12, 2011 at 3:19 AM, Roger <arelem@xxxxxxxxxxx> wrote: > > Is there a way to limit: > > -number of log in attempts to 2, > > -the duration of a log in attempt to 3 seconds or less > > -the number of times a username can be tried, prefer it set at 2 and > > then not again for 24 hours if it fails. > > "NumberOfPasswordPrompts" in /etc/ssh_config takes care of at least > one of those. See "man ssh_config" for details. > > > Also is there a way to DROP ip addresses after 2 attempts and not allow > > that ip address for say 24 hours? > > Take a look at fail2ban: http://www.fail2ban.org/ > > It's in the repos: "yum install fail2ban" ---- or denyhosts - perhaps simpler ambitions than fail2banbut highly effective at blocking ip addresses with consecutive logon failures. Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
