On 30 March 2011 20:22, Alexander Schrijver <alexander.schrij...@gmail.com> wrote: > On Wed, Mar 30, 2011 at 10:06:14AM +0300, Gregory Edigarov wrote: >> IMHO it is absolutelly useless, objections are: >> 1. You can limit connections using firewall. >> 2. You already have the feature by name "limiting the number of >> retries" >> 3. If you really want PROTECTION - you should turn off password >> authentication completelly and use RSA key with passphrase. >> >> On Wed, 30 Mar 2011 09:54:06 +0300 >> Mihai Militaru <mihai.milit...@xmpp.ro> wrote: > > It's a great way to keep someone out of their own system. > >
It still amazes me the people are using tunneled plain-text passwords on internet facing systems. Learn how to use ssh-keygen and .ssh/authorized keys - I would hazard that a better security measure would be to turn off tunneled clear text logins by default.
