# After 10 unauthenticated connections, refuse 30% of the new ones, and # refuse any more than 60 total. MaxStartups 10:30:60
>From an old server of mine, looks related to solutions you're seeking (but I agree with Dennis, deny PasswordAuthentication is strongest. On Fri, 8 Oct 2004 09:24:54 +0200, Dennis Koegel <[EMAIL PROTECTED]> wrote: > Hi, > > On Thu, Oct 07, 2004 at 03:15:25PM -0700, Luke wrote: > > There are several script kiddies out there hitting my SSH server every > > day. Sometimes they attempt to brute-force their way in trying new > > logins every second or so for hours at a time. Given enough time, I fear > > they will eventually get in. > > Apart from what was already noted here it may be a good idea to not use > PasswordAuthentication at all, you can disable it in the sshd_config. > > Personally preferred solution would be public key authentication, but > there are other options as well. > > No passwords used -> no passwords can be brute-forced. > > HTH, > - D. > _______________________________________________ > [EMAIL PROTECTED] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"