limit number of ssh connections

Григорьев Александр mr.festin at
Mon Sep 19 20:12:10 UTC 2011

Standard inetd(8) has many options, including limiting connections based on IP address. Can it help in this case?

20.09.2011, 00:02, "James Strother" <jstrother9109 at>:
> That's an interesting project, I hadn't realized port knocking had
> become so easy to use.
> Unfortunately, for this particular server, I need to be able to
> provide a simple way for (a very limited number of) users to login
> into the system remotely using a variety of OS platforms.  So I don't
> think port knocking is a good fit here.
> Thanks,
>   Jim
> 2011/9/19 Григорьев Александр <mr.festin at>:
>>  If your target is to protect a FreeBSD box from password brute-forcing from the Internet, maybe security/knockd will help you?
>>  19.09.2011, 23:05, "James Strother" <jstrother9109 at>:
>>>  Does anyone know a good way of limiting the number of ssh attempts
>>>  from a single IP address?
>>>  I found the following website, which describes a variety of approaches:
>>>  But I am honestly not really happy with any of them.  Continuously
>>>  polling log files for regex hits seems...well crude.  Just to give you
>>>  an idea of what I mean, here were some of the issues I had. The
>>> script allows IPs to be reinstated, but the timing is
>>>  dependent on how frequently you rotate logs.  sshguard has a pretty
>>>  website, but I can't actually find much useful documentation on how to
>>>  configure it.  fail2ban looks like it might work with sufficient work,
>>>  but the defaults are terrible.  By default, every time an IP is
>>>  reinstated, all IPs are reinstated.  Not to mention, at present I
>>>  can't seem to get it to trigger any hits.
>>>  I suppose I could keep shopping, but the truth is I just think polling
>>>  log files is the wrong way to solve the problem.  Anything based on
>>>  this approach is going to have a long latency and be highly dependent
>>>  on the unspecified and unstable formatting of log files (see
>>>  and the troubles an exclamation point can cause).
>>>  I would much much rather do something like this:
>>>  Does anyone know a way to do something similar with ipfw?
>>>  Thanks in advance,
>>>    Jim
>>>  _______________________________________________
>>>  freebsd-questions at mailing list
>>>  To unsubscribe, send any mail to "freebsd-questions-unsubscribe at"
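
The inetd(8) limits mentioned in the reply at the top of this message, shown as an added example that is not part of the original thread: FreeBSD's inetd accepts per-service and per-IP limits appended to `nowait` in `/etc/inetd.conf`. The numeric values are assumptions chosen for illustration, and the setup assumes the standalone sshd is disabled so that inetd owns port 22.

```conf
# /etc/inetd.conf (FreeBSD)
#
# Field 4 syntax, from inetd(8):
#   {wait|nowait}[/max-child[/max-connections-per-ip-per-minute[/max-child-per-ip]]]
#
# Prerequisites in /etc/rc.conf (assumed here):
#   sshd_enable="NO"     # the standalone daemon must not hold port 22
#   inetd_enable="YES"

# Weak: plain "nowait" sets no per-service limits, so one address can
# open connections as fast as inetd's global defaults allow.
#ssh	stream	tcp	nowait	root	/usr/sbin/sshd	sshd -i -4

# Limited (illustrative values):
#   10 = at most 10 sshd children for this service in total
#    3 = at most 3 new connections per minute from any single IP
#    2 = at most 2 simultaneous sshd children per IP
ssh	stream	tcp	nowait/10/3/2	root	/usr/sbin/sshd	sshd -i -4
```

The same per-IP defaults can be set for all services with inetd's `-C` (connections per IP per minute) and `-s` (simultaneous children per IP) flags. The limits apply to connections, not failed logins, so a legitimate user who reconnects quickly counts against them as well.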
