> On Nov 4, 2017, at 3:14 AM, Petr Štetiar <yn...@true.cz> wrote:
>
> Hans Dedecker <dedec...@gmail.com> [2017-11-03 13:46:14]:
>
> Hi,
>
>> By default dropbear logs to syslog which discloses info about account names
>> when doing connection attempts (e.g. "Bad password attempt for 'engineer'
>> from x.x.x.x:y")
>
> I don't get it, syslog discloses this information to whom and how?
>
>> As this facilitates brute force attempts against account names;
>
> So instead of preventing these brute force attempts, you'll just ignore them
> now? I'm wondering how the brute forcing is easier with syslog logging.
>
>> make syslog support configurable in order not to leak sensitive info via
>> syslog.
>
> I think that those are nice warning messages, reminding you that you're
> doing it wrong:
>
> 1. You should use pubkey auth.
> 2. You should limit access to your network services.
>
> -- ynezz

Also a good point: we eliminated this problem by only allowing key-based logins and disallowing passwords.

-Philip

_______________________________________________
Lede-dev mailing list
Lede-dev@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/lede-dev
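
Added example, not part of the original thread or of dropbear: a small Python parser that treats the "Bad password attempt" message quoted above as a detection signal and summarizes failed password logins per source address. The syslog prefix, the sample lines, the addresses and the thresholds are constructed assumptions.

```python
import re
from collections import defaultdict

# Message format as quoted in the thread:
#   Bad password attempt for 'engineer' from x.x.x.x:y
BAD_PW = re.compile(r"Bad password attempt for '(?P<user>[^']*)' from (?P<peer>\S+)")

# Constructed sample syslog lines (documentation-range addresses, made-up prefix).
SAMPLE_LOG = """\
Nov  3 13:40:01 router dropbear[1201]: Bad password attempt for 'engineer' from 192.0.2.10:50122
Nov  3 13:40:03 router dropbear[1202]: Bad password attempt for 'root' from 192.0.2.10:50124
Nov  3 13:40:05 router dropbear[1203]: Bad password attempt for 'admin' from 192.0.2.10:50126
Nov  3 13:40:07 router dropbear[1204]: Bad password attempt for 'root' from 192.0.2.10:50128
Nov  3 13:41:10 router dropbear[1210]: Bad password attempt for 'engineer' from 198.51.100.7:41000
Nov  3 13:42:00 router example[99]: unrelated constructed log line
"""

def parse_line(line):
    """Return (user, source_host, source_port), or None if the line does not match."""
    m = BAD_PW.search(line)
    if not m:
        return None
    host, _, port = m.group("peer").rpartition(":")  # split on the last ':' only
    if not host or not port.isdigit():
        return None
    return m.group("user"), host, int(port)

def summarize(lines):
    """Count failed attempts and distinct account names tried, per source host."""
    stats = defaultdict(lambda: {"attempts": 0, "users": set()})
    for line in lines:
        parsed = parse_line(line)
        if parsed:
            user, host, _ = parsed
            stats[host]["attempts"] += 1
            stats[host]["users"].add(user)
    return dict(stats)

def flag_sources(stats, max_attempts=3, max_users=2):
    """Sources over either threshold (threshold values are illustrative assumptions)."""
    return sorted(
        h for h, s in stats.items()
        if s["attempts"] > max_attempts or len(s["users"]) > max_users
    )

if __name__ == "__main__":
    stats = summarize(SAMPLE_LOG.splitlines())
    for host in flag_sources(stats):
        print(host, stats[host]["attempts"], sorted(stats[host]["users"]))
```
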