On May 6, 2008, Gilles wrote:
> Is there a way to configure SSHd, so that the wait time between login
> attempts increases after X failed tries?

I run sshd via inetd rather than as a stand-alone daemon.  inetd provides 
optional rate limiting functionality.  For instance. putting

   ssh stream  tcp  nowait/20/4/10  root  /usr/sbin/sshd  sshd -i

into /etc/inetd.conf set a limit of

* 20 overall ssh connections
* 4 connection attempts per minute
* at most 10 connections from a single IP

This works very well on a personal server, not sure how it scales up.


-- Norbert.
freebsd-questions@freebsd.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to