Thread: sshguard
View Single Post
  #8   (View Single Post)  
Old 25th January 2017
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,977
Default

I'll clarify my comment above.

Prior to implementing sshguard, you disabled password authentication. It was impossible for a password attack to succeed. But sshguard wasn't blocking password attacks, so you enabled password authentication. This gives sshguard something to do, but ... this gives your attackers an opportunity to succeed.

Here is an analogy:
Let us pretend that you have a large, walk in safe guarding valuable items, such as those used in banks. There are very complex locks on the safe, with timers and complex keys that only you have. The door is very thick, and it cannot be drilled through or otherwise broken into.

But you also have a guard dog. And you keep the dog inside the safe, where he has nothing to do. You decide to add another door to your safe, so that the dog will no longer be bored. This door is made of wood, and can be broken into. And you add an inexpensive combination lock on the outside. People outside constantly try the door's knob, and rattle the lock. Your dog barks, and the people leave. For now.
Yes, you have given your dog something to do. But why add a low-security door to your safe? Give the dog to someone else who does not have a safe.
Reply With Quote