F22 System Wide Change: Set sshd(8) PermitRootLogin=no
Reindl Harald
h.reindl at thelounge.net
Fri Jan 9 15:07:05 UTC 2015
Am 09.01.2015 um 15:59 schrieb Alexander Ploumistos:
> On Fri, Jan 9, 2015 at 4:51 PM, Reindl Harald wrote:
>
> you achieve nothing than cluttered logs from continued dictionary
> attacks with such a setup even if it would be possible and that has
> the security implication burry interesting lines in noise
>
> Oh, I agree with you, but it would be quite nice to have in a honeypot,
> combined with sshd listening on port 22, so I'm still curious if it is
> feasible (and how)
for that i would seek a dedicated honeypot-service listening on port 22
with it's own logging and have the real sshd with key-only auth on a
non-default port
https://code.google.com/p/kippo/
https://github.com/desaster/kippo
that has also the benefit even in case of a bug in sshd itself that you
have all the crap on a different code base not be real sshd at all
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20150109/847faf1c/attachment.sig>
More information about the devel
mailing list