openssh bugs - Mar 2011 - [Bug 1877] New: Protection against brute force attacks

https://bugzilla.mindrot.org/show_bug.cgi?id=1877

           Summary: Protection against brute force attacks
           Product: Portable OpenSSH
           Version: 5.8p1
          Platform: All
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: sshd
        AssignedTo: unassigned-bugs at mindrot.org
        ReportedBy: sworddragon2 at aol.com


I see every few days in the process list that somebody is trying to
connect to my server every second. I have a good password and such a
brute force attack is nearly impossible but I want some more security.

For example an option that blocks an ip address for a specific time
after a few amount of fails. Another example is that we can allow ssh
connections only every few seconds from a client. All these values
should be configurable.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1877

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |djm at mindrot.org
             Status|NEW                         |RESOLVED
         Resolution|                            |WONTFIX

--- Comment #1 from Damien Miller <djm at mindrot.org> 2011-04-12 15:40:49
EST ---
Good external solutions exist. The best is to enforce password
strength.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1877

LOGIN <contact at loginwall.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |contact at loginwall.com

--- Comment #2 from LOGIN <contact at loginwall.com> 2011-07-04 00:36:32
EST ---
One more great solution against Brute Force attack is LoginWall.

you could download free anti brute force solution from their website
www.loginwall.com

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1877

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #3 from Damien Miller <djm at mindrot.org> 2011-09-06 15:33:01
EST ---
close resolved bugs now that openssh-5.9 has been released

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.