Login grace period implications

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Good morning,
recently I run into some troubles with some pseudo "expect" application;
after hours of debugging I've realized that I've been hitting the login
grace period wall; first point here (was using v 6.0.0) is that there is no
debug message saying that connection was dropped due to that reason, the
debug log (DEBUG3) was unbelievably silent, wondering if I should write a
small patch to inform in DEBUG1 that a timeout has been reached.
Second point is that the solution for my problem has been to increase such
period to 5 minutes, while the SSH daemon doesn't listen on any publicly
exposed interface I would like to hear your opinion on having it set to 300
seconds; are there any security implications during the key exchange
because of that? I know that a could be more vulnerable to a DoS exhausting
my sessions, apart from that is there anything relevant from a security
point?

Thanks
--
Marcin
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux