attack
James Wilkinson
fedora at westexe.demon.co.uk
Mon May 9 16:49:04 UTC 2005
roland brouwers wrote:
> Someone is attacking for a certain time on port SSH2
> He is trying to login as root and uses all kind of usernames.
> See annexed textfile
>
> How can I block a user after x failed logins?
Assuming your username is roland, put
AllowUsers roland
in /etc/ssh/sshd_config
This will mean that no-one will be able to log in directly as root. If
you want to log in as root remotely, log in as yourself and use
su -
(Arguably you should be doing this anyway. Or setting up sudo to let you
do what you need to do).
Also see: man sshd_config and the AllowGroups keyword.
Hope this helps,
James.
--
E-mail address: james | When did you last back up your system?
@westexe.demon.co.uk |
More information about the users
mailing list