ssh

Limit ssh brute force attacks

This will limit incoming connections to port 22 to no more than 4 attempts in ten minutes. Any more will be dropped. You can adjust the numbers yourself to limit connections further.
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --set
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --update --seconds 600 --hitcount 4 -j DROP

(Found here: http://blog.blackdown.de/2005/02/18/mitigating-ssh-brute-force-attacks-with-ipt_recent/)
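
An added example (not from the original post or the linked blog): a small Python model of how the recent match evaluates the two rules above, replayed over constructed connection times. It assumes the module's default of 20 remembered timestamps per source, and "PASS" only means the packet continues to the rest of the ruleset.

```python
from collections import defaultdict

SECONDS = 600      # --seconds 600 from the page's second rule
HITCOUNT = 4       # --hitcount 4 from the page's second rule
MAX_STAMPS = 20    # assumption: the recent module's default ip_pkt_list_tot


class RecentList:
    """Model of the single 'recent' list shared by the two rules on this page."""

    def __init__(self):
        self.stamps = defaultdict(list)   # source IP -> recent timestamps

    def _remember(self, src, now):
        self.stamps[src].append(now)
        del self.stamps[src][:-MAX_STAMPS]   # keep only the newest stamps

    def new_connection(self, src, now):
        """Verdict for a NEW packet to port 22 from `src` at time `now` (seconds)."""
        # Rule 1 (--update): both commands use -I, so the rule typed second
        # sits first in INPUT. It matches when the source already has
        # HITCOUNT stamps inside the window, and only then adds a new stamp.
        recent = [t for t in self.stamps.get(src, []) if t >= now - SECONDS]
        if len(recent) >= HITCOUNT:
            self._remember(src, now)
            return "DROP"
        # Rule 2 (--set): record the source; no target, so the packet continues.
        self._remember(src, now)
        return "PASS"


def replay(events):
    """events: iterable of (time, src) pairs -> list of verdicts in order."""
    table = RecentList()
    return [table.new_connection(src, t) for t, src in events]


# Constructed sample: one source retrying every 60 s, then returning later.
SAMPLE = [(t, "198.51.100.7") for t in range(0, 600, 60)] + [
    (780, "198.51.100.7"),    # dropped attempts have kept the window full
    (1400, "198.51.100.7"),   # more than 600 s after its last packet
    (1401, "203.0.113.9"),    # a different source has its own counter
]

if __name__ == "__main__":
    for (t, src), verdict in zip(SAMPLE, replay(SAMPLE)):
        print(f"{t:>5}s {src:<14} {verdict}")
```

The attempt at 780 s is dropped only because the dropped attempts were themselves recorded by --update: a source that keeps retrying stays blocked until it has been quiet for the full ten minutes.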


Copy your ssh public key to another machine

If your flavor of Unix doesn't come with ssh-copy-id (does only Debian have it?), then create a file called ssh-copy-id in your $PATH with:

#!/bin/sh
cat ~/.ssh/*.pub | ssh "$1" 'mkdir -p .ssh && chmod 700 .ssh && cat >> .ssh/authorized_keys && chmod 600 .ssh/authorized_keys'

You can then copy your public key to another machine by running ssh-copy-id remoteuser@remotehostname.
