One of the denials is via dropped internet connection. Effectively leaving an open session with no attached user...
But this concept brings me to the suggestion... "screen". Agree to use a predetermined "sessionname" from the screen command:
screen -S adminscreen #for the creation and
screen -r adminscreen #for the use
I'm not sure I understand your suggestion, but I'm pretty sure it will not work in our situation, since all users are connecting via SFTP
Ooops. You said one connection per USER, and iptables has no conception of users, so it would be one connection per IP.
Denial of service attacks? How? I imagine that, if the capability I am looking for exists, it would only be applicable to a successful login attempt.
Users browsing this forum: No registered users and 1 guest