Quote:
I'm one of those admins who believes passwords are an awful way to secure anything. An 8-byte ASCII password can be broken in a few days by scripted attack. So I configure all production SSH daemons I administer to deny root logon, and also to deny password authentication. Instead I configure alternate, stronger authentications such as public keys and S/Key one-time-passphrases. The specific authentication depends upon the server and its services.
This is a bit OT, but you have a "MaxAuthTries" option which defaults to 6 ... Preventing brute-force attacks.
Or am I missing something?
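
An added example, not part of either post above: a small auditor that reads the global section of an sshd_config text and reports where it departs from the setup described in the quote (no root login, no password authentication, public keys on) and from the MaxAuthTries default of 6 mentioned in the reply. The sample configs are constructed, the fallback defaults are assumptions based on current OpenSSH, and `Include` files and `Match` blocks are deliberately not evaluated.

```python
# Assumed defaults for keywords absent from the file (current OpenSSH;
# older builds differ, so confirm against the sshd_config man page in use).
DEFAULTS = {
    "permitrootlogin": "prohibit-password",
    "passwordauthentication": "yes",
    "pubkeyauthentication": "yes",
    "maxauthtries": "6",
}

def effective_settings(config_text):
    """Global values sshd would use: keywords are case-insensitive and
    the first occurrence of a keyword wins over later ones."""
    seen = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        key = parts[0].lower()
        if key == "match":
            break  # conditional overrides start here; out of scope
        value = parts[1].strip().strip('"') if len(parts) > 1 else ""
        seen.setdefault(key, value)
    return {k: seen.get(k, default) for k, default in DEFAULTS.items()}

def audit(config_text):
    """Return a list of findings; an empty list means the policy is met."""
    s = effective_settings(config_text)
    findings = []
    if s["permitrootlogin"].lower() != "no":
        findings.append("PermitRootLogin is %r, want 'no'" % s["permitrootlogin"])
    if s["passwordauthentication"].lower() != "no":
        findings.append("PasswordAuthentication is enabled")
    if s["pubkeyauthentication"].lower() != "yes":
        findings.append("PubkeyAuthentication is disabled")
    # MaxAuthTries counts attempts per connection, not per client.
    tries = s["maxauthtries"]
    if not tries.isdigit() or int(tries) > 6:
        findings.append("MaxAuthTries is %r, want 6 or lower" % tries)
    return findings

# Constructed samples. In WEAK the later 'no' is ignored: first value wins.
WEAK = """PermitRootLogin yes
PasswordAuthentication yes
passwordauthentication no
MaxAuthTries 10
"""
HARDENED = """PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
MaxAuthTries 3
Match User backup
    PasswordAuthentication yes
"""
```

On a live host, the output of `sshd -T` gives the daemon's own view of the effective settings and is the better source to check against.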