annoying brute force attack attempt using ssh
Manuel Aróstegui
manuel at todo-linux.com
Fri May 16 13:23:25 UTC 2008
El jue, 15-05-2008 a las 14:41 -0700, Wolfgang S. Rupprecht escribió:
> "jeff emminger" <jemminger at gmail.com> writes:
> > isn't password authentication insecure? why not set
> > "PasswordAuthentication no" and use ssh keys, and maybe port-knocking
> > too
>
> My feeling exactly. You have no control over how stupid a password
> users will pick. The only control you have is to not allow passwords
> in the first place and insist on at least a 1k-bit (hopefully random)
> key.
Although, you can force them to create passwords with numbers, something
like, for instance, at least 2 numbers and one alphanumeric characters.
That would help a wee bit to avoid easy passwords that may be broken
with a basic brute force attack.
Manuel.
--
Manuel Arostegui Ramirez.
Electronic Mail is not secure, might not be read every day, and should not
be used for urgent or sensitive issues.
More information about the fedora-list
mailing list