On Thu, Nov 06, 2008 at 05:33:41PM +0000, Charlie Clark wrote:
> I have noticed that people constantly try to brute force sshd on my
> openbsd box, on my server I use fail2ban to prevent this and wondered if
> there is a similar solution for openbsd.
Yes, but why would you want to do that? It doesn't help in any real
sense - weak passwords are still weak and may still fall to a
distributed attack. and strong passwords or keys are pretty much
impossible to guess anyway.
Meanwhile, it's at least a little complex, takes some time to set up,
and has nasty failure modes.
Joachim
