Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror

Comment: DenyHosts SSH script (Score 2, Interesting) 206

by HumanCarbonUnit (#21956374) Attached to: Cryptographically Hiding TCP Ports
This is indeed a nifty hack, however it seems a bit impractical and overly complicated way of protecting SSH.

I use the software script Denyhosts which runs whenever an SSH connection comes into the system
http://denyhosts.sourceforge.net/

You simply set the Account / IP address lockout threshold and so after X number of failed login attempts the system will put the connections source IP address into the hosts.deny file. The IP address stays there until eventually released, or it can stay there forever.

Thus its easy for me to share the login with friends so they can SSH and SFTP into the system and any / all attempts to guess or force a login are blocked after the threshold is reached.

If I have not seen so far it is because I stood in giant's footsteps.

Working...