Re: public key authentication -- log invalid keys


 



On Fri, 2 May 2014, TheGezer wrote:

> yeah i know, but with increasing bandwidth online, and more and more
> folks using vps with just a public key a silent distributed attack could
> go on for a couple of years without anything more than just lots of
> mysterious connection attempts in the logs

If you think that such an attack might only take "years" then you
haven't done the math.

> also consider internal breach attempts sitting inside the perimeter
> 
> and consider that if most people lose their client public key through
> theft or other they would typically just delete the authkey on the
> server rather than put it in revoked keys so logging bad attempts would
> catch these guys too
> 
> personally, i'm going to patch my sources to have bad attempts logged at
> a lower loglevel

... or you could make a one line config change.

-d
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



