centos6-64:non-existing users over ssh refused without wait?bug or config?
Posted: 2012/08/17 10:50:05
hello,
i have some security problems,installed centos 6.3,yum update,change maxauthtries to 1 in sshd_config(going to use pam_abl,not in use yet),with wrong password root waits before disconnect,unknown user(any other) just quick disconnect,that opens security hole to name guessing
if i set maxauthtries to 2,non-existing user gets 1 try and root gets 2(as if those numbers were set for maxauthtries)
so..what now?
paja
i have some security problems,installed centos 6.3,yum update,change maxauthtries to 1 in sshd_config(going to use pam_abl,not in use yet),with wrong password root waits before disconnect,unknown user(any other) just quick disconnect,that opens security hole to name guessing
if i set maxauthtries to 2,non-existing user gets 1 try and root gets 2(as if those numbers were set for maxauthtries)
so..what now?
paja