On Tue, Apr 19, 2011 at 11:56 AM, Peter N. M. Hansteen <pe...@bsdly.net> wrote:
> Alexander Schrijver <alexander.schrij...@gmail.com> writes:
>
>> I think it's a bad idea to disable ssh login while someone is bruteforcing
>> your account.
>
> We've seen quite a bit of what appears to be industrial-scale password
> guessing (google 'hail mary cloud' or a few more obvious keywords), so
> on any internet-facing system the probability that someone is trying
> to bruteforce their way in via some account or other right now is not
> negligible.
>
> If you allow password logins at all, there are worse ideas than
> running john (or similar) to flush out the bad ones occasionally.
This adds some interesting ideas regarding security of passwords. Please read
the FAQ part too, as it explains a lot of questions which may come up after
reading that post.

http://www.baekdal.com/tips/password-security-usability

> --
> Peter N. M. Hansteen, member of the first RFC 1149 implementation team
> http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
> "Remember to set the evil bit on all malicious network traffic"
> delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.