Package: libpam-abl Version: 0.4.3-1 Severity: wishlist At the moment, the default setup in /etc/security/pam_abl.conf is to block a host for 1 day. Why was a one day duration picked? Would you be willing to reduce it a bit, to for example 1 or 2 hours?
For several years, I have used denyhosts on my machines, and there I have ended up with a 2 hour timeout, as it allow unlucky valid users (the ones forgetting their passwords or typing the wrong one by accident several times) a not completely unreasonable time to wait until they try again, while still blocking all active brute force attacks. Asking people to wait a whole day is not going to work at least in my environments, and would force me to manually purge entries for the unlucky users instead of being able to trust the automatic setup. -- Happy hacking Petter Reinholdtsen -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org