[NBLUG/talk] opensshd delay after fail
Christopher Wagner
chrisw at pacaids.com
Mon Oct 17 09:32:07 PDT 2005
I don't have your answer but I was curious...
-----
$ ssh -l root ssh.example.com
Password: <garbage>
<delay 2-3 secs>
Password: <garbage>
<delay 2-3 secs>
Password: <garbage>
<delay 2-3 secs>
root@ssh.example.com's password:
<no delay>
Permission denied, please try again.
root@ssh.example.com's password:
<no delay>
Permission denied, please try again.
root@ssh.example.com's password:
<no delay>
Permission denied, please try again.
$
-----
I'm rather puzzled by this behavior. (It asks six times, with the first
three being a different password prompt, with the delay). Any ideas?
I'm running Debian Etch, all stock packages.
- Chris
Bob Blick wrote:
>Everybody who reads their logs sees brute force ssh login attempts, once
>per second or more frequently.
>
>For highest security, having no users and disabling interactive ssh is the
>way to go, but this is impractical.
>
>Some people have routed sshd through the pam modules to add a delay, but
>pam doesn't behave the way one would like for ssh.
>
>Has anyone found a solution that adds a delay to sshd for failed login
>attempts? A patch to opensshd or an alternative to opensshd?
>
>Thanks,
>
>Bob