Re: protecting multiuser systems from bruteforce ssh attacks

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 21/08/2009, at 5:44 AM, Eugene Vilensky wrote:

> Hello,
>
> What is the best way to protect multiuser systems from brute force
> attacks?  I am setting up a relatively loose DenyHosts policy, but I
> like the idea of locking an account for a time if too many attempts
> are made, but to balance this with keeping the user from making a
> helpdesk call.
>
> What are some policies/techniques that have worked for this list with
> minimal hassle?

As an additional question to the above, would forcing users to log in  
with SSH keys rather than passwords avoid requiring any anti brute  
force attack measures to be put in place?

Thanks,
Oliver

>
> Thanks!
>
> -Eugene
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux