On Aug 2, 2005, at 9:18 PM, Raphael Melo de Oliveira Bastos Sales wrote:
Hey Colin, I was looking at the /etc/ssh/sshd_config file and found these: LoginGraceTime 600 MaxAuthTries 6 Is the first one what you meant? The second seems like an attempt to avoid brute force login.
Neither is what I was thinking of, but they're quite similar. LoginGraceTime means if nobody logged in within 10 minutes of the connection being opened, then it will be closed. I don't know exactly what MaxAuthTries does, but I imagine after the sixth invalid login, the connection would be closed.
I found this site, check it out. It's for Red Hat (Gentoo is better!), but it's the same SSHd:
http://www.faqs.org/docs/securing/chap15sec122.html
Also, does Grub need any kind of password protection? I don't know if it was Grub or Lilo that allowed root access unless password protected. Am I mistaken?
GRUB does have some password protection, but it is optional and only needed IIRC if you want to boot something other than the default entry.
As you can see, I still have a lot to learn. ;)
Me too. I'm waiting for some more hardware to arrive before I connect this server to the networks (it's primarily a NAT gateway with iptables, but also *for the LAN, not the Internet* runs Apache, ProFTPd, SSHd and rsyncd for Portage).
-- Colin -- gentoo-user@gentoo.org mailing list