[PATCH 0/1] *** SUBJECT HERE ***

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Hi,

sifting through my system's logs, I noticed many break-in attempts by
rogue ssh clients trying long lists of common passwords. For some time
now I pondered different approaches to counter these, but could not come
up with a solution that really satisfied me.

I finally reached the conclusion that any countermeasures required
support in sshd itself, and created the attached patch. If activated in
sshd_config, an external program will be invoked every time a session is
terminated without the requesting client being authenticated. The program
is passed the offending client's IP address in its environment. It could
then block the originating host, possibly after a predefined number of
such events in a certain interval, by reconfiguring the system's firewall
or similar means.

Comments welcome.

Thomas Koeller (1):
  sshd: Added authentication failure hook

 servconf.c    |  6 ++++++
 servconf.h    |  1 +
 sshd.c        | 19 +++++++++++++++++++
 sshd_config   |  3 +++
 sshd_config.5 | 11 +++++++++++
 5 files changed, 40 insertions(+)

-- 
2.24.1
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux