LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 11-14-2006, 02:06 PM   #1
isuck@linux
Member
 
Registered: Jun 2006
Distribution: messed up debian
Posts: 250

Rep: Reputation: 30
ssh and pam


I just installed a new debian box, it's going to be an external relay so I want it to be really secure. I have never secured a linux box so I started reading about PAM and ssh. I was following steps in this debian security guide:
http://www.debian.org/doc/manuals/se...to/ch4.en.html
now when I tested what I did I got nothing new, I can't get the FAIL_DELAY command to work with PAM and the failed login is still 7 when I actually put 3 retries in /etc/pam.d/ssh and login. Does anyone know how to add a fail delay to the ssh login and what I could be missing?. TIA
 
Old 11-14-2006, 08:36 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600
The delay is hardcoded in OpenSSH AFAIK. For a "three strikes out" approach check out pam_tally. If this really is about SSH bruteforcing better harden SSH by disabling protocol 1, root account and password logins and pick one method out of http://www.linuxquestions.org/questi...d.php?t=340366 as well. BTW, I hope you did your basic host hardening before this all?
 
Old 11-15-2006, 11:58 AM   #3
isuck@linux
Member
 
Registered: Jun 2006
Distribution: messed up debian
Posts: 250

Original Poster
Rep: Reputation: 30
Thanks for your reply. I don't know what you mean by basic host hardening, I disabled telnet, created a group for su and sudo users and shutdown unnecessary services, is that what you mean by basic host hardening?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
ssh-pam module configuration thobias.reaper Linux - Security 1 07-16-2006 10:24 AM
pam config for ssh on suse linux bbhgi1o Linux - Networking 1 05-18-2006 10:32 PM
deny ssh access with pam RobertCraven Linux - Security 5 05-12-2006 03:55 AM
PAM - only allow domain group members to log on via ssh? humbletech99 Linux - Networking 3 01-24-2006 11:53 AM
SSH Problems with PAM stocks29 Linux - Software 0 06-25-2004 08:51 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 06:44 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration