In the new version 0.6.0 of pam-abl available in testing the default
rule for sshd is the following:
+user_rule=*/sshd:5/1h
Do you think it is good enough as the default ?
here is the config:
http://anonscm.debian.org/cgit/collab-maint/libpam-abl.git/tree/debian/patches/update_config.patch
Package: libpam-abl
Version: 0.4.3-1
Severity: wishlist
At the moment, the default setup in /etc/security/pam_abl.conf is to
block a host for 1 day. Why was a one day duration picked? Would you
be willing to reduce it a bit, to for example 1 or 2 hours?
For several years, I have used
2 matches
Mail list logo