On Fri, 16 Jan 2009 21:28:07 -0800 Grant <emailgr...@gmail.com> wrote:
> Should I do that via an ssh config setting, in shorewall, or somewhere else? I believe the right way would be to add 'account required pam_access.so' line to /etc/pam.d/system-auth and define login restrictions in /etc/securety/access.conf (it's also quite well documented). That way you'll block ssh/ftp/mail etc logins for that account, which should also be prone to brutforce attacks because of weak password. The catch is, of course, that you should have pam on your system ;) -- Mike Kazantsev // fraggod.net
signature.asc
Description: PGP signature