LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Sponsored link

Vyatta – Linux & Open Source Alternative to Cisco – Advanced Routing, Firewall, VPN, QoS..
Free Download ->

Recent Features

LWN.net Weekly Edition for September 4, 2008

The Kernel Hacker's Bookshelf: UNIX Internals

DRI, BSD, and Linux

SCHED_FIFO and realtime throttling

LWN.net Weekly Edition for August 28, 2008

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

New trends

New trends

Posted May 14, 2008 16:13 UTC (Wed) by cyperpunks (subscriber, #39406)
Parent article: Brute-Force SSH Server Attacks Surge (InformationWeek)

First some advice:
- use denyhosts http://denyhosts.sourceforge.net/, it works very well. All distros have packages ready.
- use the AllowUsers option /etc/ssh/sshd_config e.g: 

AllowUsers joeuser foouser
- set MaxAuthTries to low number in /etc/ssh/sshd_config: 
MaxAuthTries 3
- use good passphrases

In the last couple of days it seems like more distributed attacks are going on, presumably to smart out software like denyhosts. However with 2/3 tries per IP a fairly large botnet is needed to crack a good password.

(Log in to post comments)

New trends

Posted May 14, 2008 16:25 UTC (Wed) by nix (subscriber, #2304) [Link] 

If you're using passphrases rather than passwords (i.e. password-interactive authentication is
disabled), then you're safe anyway. It's exactly as hard for a cracker to guess a private key
with a passphrase as it is for him to guess one without a passphrase.

What the passphrase keeps you safe from is some bastard nicking your key.

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds