Em 23-07-2015 11:16, Peter N. M. Hansteen escreveu: > In my *very* limited testing, using variations of the first ssh > command in that blog post, none of my OpenBSD boxes with fairly > pristine out of the box /etc/ssh/sshd_config permitted more than three > tries before closing the connection. I also tested some Linux boxes > (CentOS 6.something) with the same result. I have tested the command with various linux (CentOS 6, Ubuntu 12.04, 14.04, 15.04, Archlinux, plus some others) and OpenBSD (5.4, 5.5, 5.6 and 5.7) machines, and none of them were vulnerable. I don't have any FreeBSD machine available to test it. But it seems to be the only OS affected. I'm betting that they have some bad interaction between the openssh configuration and their PAM configuration.
Cheers, Giancarlo Razzolini
