sshd brute force attempts?
backyard
backyard1454-bsd at yahoo.com
Tue Sep 19 14:22:42 PDT 2006
--- "Dan Mahoney, System Admin" <danm at prime.gushi.org>
wrote:
> Hey all,
>
> I've looked around and found several linux-centric
> things designed to
> block brute-force SSH attempts. Anyone out there
> know of something a bit
> more BSD savvy?
>
> My best attempt will be to get this:
>
>
http://www.csc.liv.ac.uk/~greg/sshdfilter/index_15.html
>
> running and adapt it.
>
> I've found a few things based on openBSD's pf, but
> that doesn't seem to be
> the default in BSD either.
>
> Any response appreciated.
>
> -Dan
>
> --
>
> "Is Gushi a person or an entity?"
> "Yes"
>
> -Bad Karma, August 25th 2001, Ezzi Computers,
> Quoting himself earler, referring to Gushi
>
> --------Dan Mahoney--------
> Techie, Sysadmin, WebGeek
> Gushi on efnet/undernet IRC
> ICQ: 13735144 AIM: LarpGM
> Site: http://www.gushi.org
> ---------------------------
>
well you could pretty much eliminate the problem by
disabling password logins to sshd and only accepting
keyed logins. Then only a key will work.
Frequently changing the keys would ensure hackers
would have to want to get in REALLY bad in order to
gain unauthorized access by a brute force attempt.
Depending on how hosts login and their systems, you
could perhaps run a login script that regenerates keys
automatically and distributes them to the user every
so many days or whatever so the system appears
passwordless to them, and secure to the outside. This
may be more trouble then you are looking for though.
In reality using passwords with SSH kinda defeats the
purpose of SSH.
-brian
More information about the freebsd-questions
mailing list