Quote:
Originally Posted by Nk2Network
how to limit the attempts to brute force SSH
Quick way: I should let someone familiar with OpenBSD answer this, but let's assume it is similar to FreeBSD (and most Linuxes). Check:
Code:
# /etc/hosts.allow
# allow a single machine
sshd : 123.456.789.012 : allow
# allow a range
sshd : 123.123.0.0/255.255.0.0 : allow
# the last line of hosts.allow should be to deny the rest of the world
# deny every other machine in the world
sshd : ALL : deny
Be careful when testing - ensure you have another way into the box, either a console connection or you've left a session (or two or three) connected. /etc/hosts.allow DENY rules will prevent *new* connections but won't affect your connections in place. Try to make a new connection after you've implemented your rule(s) and ensure that YOU can get in. It would be advisable to have someone you know attempt to connect (or try another box you have not authorized via "allow") to ensure the rule is working.
Not so quick: implement your rules in a firewall.
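The testing advice above can be rehearsed offline before the live file is changed. The following is an added example, not part of the original post: a Python script that evaluates rules in the post's `daemon : client : allow|deny` format in order, with the first match deciding, and reports which rule applies to a given address. It assumes IPv4 only and handles just `ALL`, single addresses and `net/mask` patterns; the function names and sample addresses are constructed for illustration.

```python
import ipaddress

# Constructed sample in the post's rule format (documentation address ranges).
SAMPLE_RULES = """\
# allow a single machine
sshd : 192.0.2.10 : allow
# allow a range
sshd : 198.51.100.0/255.255.255.0 : allow
# deny every other machine in the world
sshd : ALL : deny
"""

def parse_rules(text):
    """Return (daemons, clients, action) tuples; comments and blanks are skipped."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        fields = [f.strip() for f in line.split(":")]
        if len(fields) != 3 or fields[2] not in ("allow", "deny"):
            raise ValueError(f"unsupported rule: {line!r}")
        daemons, clients = (f.replace(",", " ").split() for f in fields[:2])
        rules.append((daemons, clients, fields[2]))
    return rules

def client_matches(pattern, addr):
    """Match one client pattern: ALL, net/mask, or a single IPv4 address."""
    if pattern == "ALL":
        return True
    if "/" in pattern:
        return addr in ipaddress.ip_network(pattern, strict=False)
    return addr == ipaddress.ip_address(pattern)

def decide(rules, daemon, client_ip):
    """Return (action, rule_number) for the first rule that matches."""
    addr = ipaddress.ip_address(client_ip)
    for number, (daemons, clients, action) in enumerate(rules, 1):
        if daemon not in daemons and "ALL" not in daemons:
            continue
        if any(client_matches(p, addr) for p in clients):
            return action, number
    # Assumption: nothing matched and no hosts.deny is modelled, so access is granted.
    return "allow", None

if __name__ == "__main__":
    for ip in ("192.0.2.10", "198.51.100.77", "203.0.113.5"):
        print(ip, decide(parse_rules(SAMPLE_RULES), "sshd", ip))
```

Put your own client address through `decide` and confirm that it returns `allow` before saving the real file. Moving the `ALL : deny` line above the allow lines shows why it has to come last.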