So I guess we will next start to see brute force attacks to ssh keys in addition to the current dictionary attacks on passwords against ssh. In the past I was seeing such high volume of ssh attempts that they were acting as a denial of service attack on certain servers. I stopped this with denyhosts myself - I think this highlights another good of only giving an IP address a limited number of failed attempts on any authenticated service.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds