Comments on: Protecting against SSH brute-force password attacks http://www.steveglendinning.com/2008/01/27/protecting-against-ssh-brute-force-password-attacks/ Tue, 06 Jan 2009 22:52:36 +0000 http://wordpress.org/?v=2.7 hourly 1 By: Rob Hagopian http://www.steveglendinning.com/2008/01/27/protecting-against-ssh-brute-force-password-attacks/comment-page-1/#comment-1209 Rob Hagopian Mon, 08 Dec 2008 19:52:53 +0000 http://www.steveglendinning.com/2008/01/27/protecting-against-ssh-brute-force-password-attacks/#comment-1209 Longer passwords are more difficult to crack than adding a little more complexity via special characters. For instance: Mary had a little lamb is a much stronger password than Mary12$ -Rob Longer passwords are more difficult to crack than adding a little more complexity via special characters. For instance:

Mary had a little lamb

is a much stronger password than

Mary12$

-Rob

]]> By: LKRaider http://www.steveglendinning.com/2008/01/27/protecting-against-ssh-brute-force-password-attacks/comment-page-1/#comment-606 LKRaider Sat, 27 Sep 2008 18:19:58 +0000 http://www.steveglendinning.com/2008/01/27/protecting-against-ssh-brute-force-password-attacks/#comment-606 Thanks, that's exactly what I needed! :) Thanks, that’s exactly what I needed! :)

]]> By: Steve http://www.steveglendinning.com/2008/01/27/protecting-against-ssh-brute-force-password-attacks/comment-page-1/#comment-582 Steve Thu, 25 Sep 2008 09:50:26 +0000 http://www.steveglendinning.com/2008/01/27/protecting-against-ssh-brute-force-password-attacks/#comment-582 Hi LKRaider, Yes, but only if you have OpenSSH 4.3p2 or later. You can use the new "Match" configuration block to override some settings for selected hosts, users or groups. There's an example of using it here: <a href="http://prefetch.net/blog/index.php/2006/09/05/limiting-access-to-openssh-directives/" rel="nofollow">http://prefetch.net/blog/index.php/2006/09/05/limiting-access-to-openssh-directives/</a> Hi LKRaider,

Yes, but only if you have OpenSSH 4.3p2 or later. You can use the new “Match” configuration block to override some settings for selected hosts, users or groups.

There’s an example of using it here: http://prefetch.net/blog/index.php/2006/09/05/limiting-access-to-openssh-directives/

]]> By: LKRaider http://www.steveglendinning.com/2008/01/27/protecting-against-ssh-brute-force-password-attacks/comment-page-1/#comment-580 LKRaider Wed, 24 Sep 2008 05:50:59 +0000 http://www.steveglendinning.com/2008/01/27/protecting-against-ssh-brute-force-password-attacks/#comment-580 Hello, Is it possible to enable Password Authentication for a specified host only, while keeping Pubkey Authentication for any other hosts available? I ask this because I currently use public key authentication, but want to setup freenx on the host, and using sshd to control the login is by far the easiest method to setup (no need to recreate passwords for passdb, for instance), but requires password authentication enabled on localhost to work. Hello,

Is it possible to enable Password Authentication for a specified host only, while keeping Pubkey Authentication for any other hosts available?

I ask this because I currently use public key authentication, but want to setup freenx on the host, and using sshd to control the login is by far the easiest method to setup (no need to recreate passwords for passdb, for instance), but requires password authentication enabled on localhost to work.

]]>