Please respond below the text you are quoting. It might also be vise to trim the text so that only the relevant portions remain.
VoIP wrote: > Thanks for all good advices. I basically concern all security issue. > That is why I use TSL after my host was hacked 6 months ago. Did you figure out *how* that happened? Passwords are rarely the reason. > Protecting my data is the first priority. Any good techniques are > welcome. Also, I wonder if basic setup of TSL is vulnerable to > password cracking. Read: http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/pam-6.html#ss6.3 My advise to you is to use PAM and cracklib. Make cracklib force your users to make complex passwords that are less likely to fall victim to dictionary attacks. If you wish to disable after X failures, I would advise you to leave that number very high or else you get an administrative nightmare. -- Cheers! _______________________________________________ tsl-discuss mailing list [email protected] http://lists.trustix.org/mailman/listinfo/tsl-discuss
