Help configuring sshd

puffpio

Golden Member
Dec 21, 1999
1,664
0
0
I'm running OpenSSH's sshd in a cygwin environment on my Windows XP computer
Recently I've been dictionary attacked every couple of days or so. like thousands of attempted logins from IP addresses.

So, is there something to ignore login attempts from an IP address for a set number of minutes, say after 5 failed logins? I tried reading up on teh man pages but I don't see functionality like that
 

sourceninja

Diamond Member
Mar 8, 2005
8,805
65
91
I would use Iptables (oh wait, this is cygwin, use whatever firewall you use) to block access except for ip ranges you use. Of course you shouldn't be using user/pass if you have the choice, but a public/private key. That will make it much more secure. Other then that I think you need another script/app to do what you want. I've always used keys instead of user/pass.

I found this

http://blinkeye.ch/mediawiki/index.php/SSH_Blocking#Motivation

 

DaiShan

Diamond Member
Jul 5, 2001
9,617
1
0
I use a great little script called sshblacklist on my linux box, probably won't work on cygwin though, anyways what it does it scans the sshd logs for failed logins then adds a firewall rule to iptables to drop further connections from the host The website for the script seems to be down temporarily. It's normally available at pettingers.org