On Sat, 21 Feb 2015, tot-to wrote: > Steps to reproduce: > 1) PermitRootLogin no in sshd_config > 2) login with "root" user from other host > > Present behaviour: > 1) it asks for password 3 times and only then close the connection. > 2) cpu consumption during bruteforce "attacks". This is intentional behaviour. The intention is to not give clues as to which accounts may be valid for login. > Expected behaviour: > Immediate disconnect/login fail If you want this, then use: Match user root MaxAuthTries 0 _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev