In article <f971bab40907080937v33884e78nce8291d34140f...@mail.gmail.com> you wrote: > Is there a way to force keys AND passwd verification?
You know that if its a protocol exploit (which is quite likely) that will not help you much. tcpwrapper itself or ipfilter acts quite early in the protocol stack - that might help. Besides I dont think you can force both, its only one stage in ssh protocol. But your login shell could ask for the password via Terminal. Maybe with pam.. Greetings Bernd -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org