Blocking SSH Brute-Force Attacks: What Am I Doing Wrong?
Andy Greenwood
greenwood.andy at gmail.com
Mon Nov 13 14:29:24 UTC 2006
On 11/13/06, Gerard Seibert <gerard at seibercom.net> wrote:
> On Monday November 13, 2006 at 04:10:58 (AM) Frank Staals wrote:
>
>
> > I had the same 'problem'. As said it's not realy a problem since FreeBSD
> > will hold just fine if you don't have any rather stupid user + pass
> > combinations. ( test test or something like that ) Allthough I thought
> > it was annoying that my intire log was clouded with those brute force
> > attacks so I just set sshd to listen at an other port then 22. Maybe
> > that's a acceptable solusion for you ? You can change the ssd port in
> > /etc/ssh/sshd_config
>
> Security through obscurity is a bad idea. Rather, use SSH key based
> authentication exclusively. Turn off all of the password stuff in
> sshd_config. Laugh at the poor fools trying to break in.
I second this notion. I had bruteforceblocker running and recently
switched to key based auth only. The good news is no one is breaking
in. the bad news is that my server is remote and difficult to get
physical access to and the only key I uploaded initially was my work
PC. Tried to get in from home over the weekend and found that I had
locked myself out! doh! Just make sure that you have at least one PC
you can get to from anywhere which has a key to get into your server.
>
>
> --
> Gerard
>
> Mail from '@gmail' is rejected and/or discarded here. Don't waste
> your time!
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
>
--
I'm nerdy in the extreme and whiter than sour cream
More information about the freebsd-questions
mailing list