tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Options for dealing with sshd brute force attacks



On Sat 28 Dec 2024 at 21:43:06 +0000, John Klos wrote:
> Hi,
> 
> > In pkgsrc there is security/pam-af which keeps the same sort of
> > information as blacklistd, but using PAM instead of being generic.
> > It is configured using the pam_af_tool which stored the config in the
> > same database.
> 
> Wouldn't this reject connections at the same place as connections that are
> rejected because of the lack of password authentication?

Close, I suppose, but a bit earlier. I don't have a configuration
example at hand (the manual doesn't seem to have one) but I think you'd
configure it in /etc/pam.d/sshd as the first or one of the first lines
and I expect that PAM is checked before sshd tries most other things.

> John
-Olaf.
-- 
___ Olaf 'Rhialto' Seibert                            <rhialto/at/falu.nl>
\X/ There is no AI. There is just someone else's work.           --I. Rose

Attachment: signature.asc
Description: PGP signature



Home | Main Index | Thread Index | Old Index