On 21/08/2009, at 5:44 AM, Eugene Vilensky wrote: > Hello, > > What is the best way to protect multiuser systems from brute force > attacks? I am setting up a relatively loose DenyHosts policy, but I > like the idea of locking an account for a time if too many attempts > are made, but to balance this with keeping the user from making a > helpdesk call. > > What are some policies/techniques that have worked for this list with > minimal hassle?
As an additional question to the above, would forcing users to log in with SSH keys rather than passwords avoid requiring any anti brute force attack measures to be put in place? Thanks, Oliver > > Thanks! > > -Eugene > _______________________________________________ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
