Follow Slashdot stories on Twitter


Forgot your password?

Comment Have sshd give out less info (Score 1) 327

Haven't seen anyone mention this but... how about patching sshd so that an attacker can't tell the difference between a connection failing because of a bad userid or because of a bad password/key? Let them sit and spin (a tarpit?) trying to break into that "amanda" account they think I have - or blow out their database thinking every host has every possible userid in the book.

"Free markets select for winning solutions." -- Eric S. Raymond