iptables in linux

T.C. Hollingsworth tchollingsworth at gmail.com
Sat Nov 12 11:03:10 UTC 2011


On Sat, Nov 12, 2011 at 3:19 AM, Roger <arelem at bigpond.com> wrote:
> Is there a way to limit:
> -number of log in attempts to 2,
> -the duration of a log in attempt to 3 seconds or less
> -the number of times a username can be tried, prefer it set at 2 and
> then not again for 24 hours if it fails.

"NumberOfPasswordPrompts" in /etc/ssh_config takes care of at least
one of those.  See "man ssh_config" for details.

> Also is there a way to DROP ip addresses after 2 attempts and not allow
> that ip address for say 24 hours?

Take a look at fail2ban:  http://www.fail2ban.org/

It's in the repos:  "yum install fail2ban"

-T.C.

