Re: protecting multiuser systems from bruteforce sshattacks

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

> As an additional question to the above, would forcing users 
> to log in  
> with SSH keys rather than passwords avoid requiring any anti brute  
> force attack measures to be put in place?

You are right, but that is not feasible for most 
shared systems.

Its hard enough to get customers to use SSH,
SFTP, and SCP instead of telnet and FTP.  

Getting them to use keys would be impossible.

Another problem to consider is what other ports
are open on the machine.  Are any of them prone
to brute force attacks?  I don't think you can use
keys for them.

	Neil

--
Neil Aggarwal, (281)846-8957, www.JAMMConsulting.com
Will your e-commerce site go offline if you have
a DB server failure, fiber cut, flood, fire, or other disaster?
If so, ask about our geographically redundant database system. 

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux