centos6-64:non-existing users over ssh refused without wait?bug or config?

General support questions
paja_slovany
Posts: 1
Joined: 2012/08/17 10:39:52

centos6-64:non-existing users over ssh refused without wait?bug or config?

Postby paja_slovany » 2012/08/17 10:50:05

hello,
i have some security problems,installed centos 6.3,yum update,change maxauthtries to 1 in sshd_config(going to use pam_abl,not in use yet),with wrong password root waits before disconnect,unknown user(any other) just quick disconnect,that opens security hole to name guessing
if i set maxauthtries to 2,non-existing user gets 1 try and root gets 2(as if those numbers were set for maxauthtries)
so..what now?
paja

KermitDaFragger
Posts: 195
Joined: 2009/09/11 19:23:05
Location: the Netherlands

centos6-64:non-existing users over ssh refused without wait?

Postby KermitDaFragger » 2012/08/18 09:20:36

This is probably a PAM configuration issue, not an SSH configuration issue (unless you have configured SSH not to use PAM).

However instead of fixing your PAM setup if you want real security you are beter off not using passwords. Use public/private keys. See our wiki on how to set this up.


Return to “CentOS 6 - General Support”

Who is online

Users browsing this forum: No registered users and 3 guests