[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Security....

On Wed, 2004-10-27 at 14:09 -0400, Scot L. Harris wrote:
> So how many ssh attempts per second can one system sustain, assuming the
> attempts are from multiple systems hitting at the same time?  :)

Honestly, beats me. But since I limit access using AllowUsers
in /etc/ssh/sshd_config and since I primarily use certificates to log in
rather than passwords, they're not going to get in within my lifetime.

Even when I do use passwords (and assuming the 8-char "standard"), I
always have at least one upper- and lower-case letter, one number, and
one special char. So that's actually 94^8 = 6,095,689,385,410,816 or
about 6.1 x 10^15.

If I did my quick figures right, they'd have to exceed 1.93 million
attempts per second to be statistically likely to crack my box in less
than 100 years. Not bloody likely, and still very secure. <grin>


Rodolfo J. Paiz <rpaiz simpaticus com>

Attachment: signature.asc
Description: This is a digitally signed message part

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]