limit number of ssh connections

Chad Perrin perrin at
Tue Sep 20 00:57:11 UTC 2011

On Mon, Sep 19, 2011 at 05:11:28PM -0700, Randal L. Schwartz wrote:
> >>>>> "Григорьев" == Григорьев Александр <mr.festin at> writes:
> Григорьев> If your target is protect freebsd box from bruting passwords
> Григорьев> from inet maybe security/knockd will help you?
> Portknocking adds only a dozen bits or so to your password.  Do you
> really think it helps to go from a 1024-bit key to a 1036-bit?  In other
> words, Portknocking belongs in the "security for dummies" pile right
> along with "turning off your SSID announce" and "use MAC address
> filtering" when people talk about wifi "security".  All three are
> useless and give you a false sense of having "increased" security.

I'd say, rather, that it's useful in deflecting the drive-by, casual
cracking attempts, but not as real security against a more sophisticated
attack.  It's nice to have cleaner logging sometimes -- which is the real
benefit of such techniques, rather than security per se.

Chad Perrin [ original content licensed OWL: ]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
Url :

More information about the freebsd-questions mailing list