Is there a reason port knocking is not an option? http://www.linuxjournal.com/article/6811 and http://en.wikipedia.org/wiki/Port_knocking I was a bit skeptical at first, but after implementing it, /var/log/secure stays pretty silent. :-) ~kurth On Wed, 2008-07-09 at 12:55 -0400, Zembower, Kevin wrote: > This might seem like a strange question to ask, but is there a way to > deliberately create a slow response to an SSH request? I'm annoyed at > the large number of distributed SSH brute-force attacks on a server I > administer, trying to guess the password for 'root' and other accounts. > I think that my server is pretty secure; doesn't allow root to log in > through SSH, only a restricted number of accounts are allowed SSH > access, with I think pretty good passwords. But still, the attempts > annoy me. > > I wouldn't mind if SSH took say 30 seconds to ask me for my password. > This would slow the attempts. Is there any way to configure OpenSSH to > do this? I searched the archives of this group with 'slow' and 'delay' > but didn't come up with anything on this topic. Please point it out to > me if I overlooked anything. In addition, I can limit the number of SSH > connections to 3-5 and still operate okay. > > Ultimately, I need this solution for hosts running OpenSSH_3.9p1 under > RHEL ES 4 and OpenSSH_4.3p2 under Debian 'etch' 4.0 and Fedora Core 6. > > Thanks in advance for your advice and suggestions. > > -Kevin > > Kevin Zembower > Internet Services Group manager > Center for Communication Programs > Bloomberg School of Public Health > Johns Hopkins University > 111 Market Place, Suite 310 > Baltimore, Maryland 21202 > 410-659-6139 >
