On Sunday 15 November 2009 08:21:55 Walter Dnes wrote: > On Sat, Nov 14, 2009 at 07:07:28PM -0500, Richard Marza wrote > > > Thank you for the information, I did find that denyhost and fail2ban in > > threads but there were issues with it not working properly. Some users > > created custom scripts to get the job done correctly. > > Have you considered not allowing password-based logins at all for ssh? > Use RSA keys instead. It's much easier, and much more secure. fail2ban and/or denyhosts is still very useful with key-only auth, even if only to get the spam out of messages and into the iptables logs
-- alan dot mckinnon at gmail dot com