Claudinei Matos wrote: > Hi, > > I have a lot of connection attempts in my ssh server. I've take a look > at sshd_config man pages but I didn't found a way to deny the source > ip of the attempts by 5 minutes (i.e.) if this ip can't login after 5 > attempts (i.e.). Is there a way to do this?
I see the same thing on many of my servers. What's the real issue? I configure my sshd to only allow public key-based authentication. I use 1024 bit DSA keys and SSHv2 only. They can try brute forcing the box for centuries if they want, and they won't come any closer to getting in. I personally don't see a huge point to blocking attacks, but only if you're set up securely. Users that allow SSHv1 or allow password auth and use weak passwords, now that is an issue to worry about, but you've got bigger problems on your hands. DS -- [email protected] mailing list
