On Fri, Nov 11, 2005 at 04:44:46PM -0500, stan wrote: > I;ve got a machien that seems to getting atacked by what appears to be a > simplistic "brute force" attck. it's getting hit multiple ties a second > with bogus root login attempts, my guess is that they are trying dictionary > atacks on the password for root. > > Any sugestions as to how to deal with this? Change the port ssh is > listening on maybe?
PermitRootLogin no? AllowUsers me? AllowGroups ssh-users? PasswordAuthentication no? Port XYZ? # passwd? Really, if you have a decent password, there's little to worry over. If you want to keep your logs clean, move to a different port. For security, disable password authentication and root login. Or just use decent passwords. Joachim