LinuxQuestions.org - SSH login banner/No root login

- Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)

- - SSH login banner/No root login (https://www.linuxquestions.org/questions/linux-security-4/ssh-login-banner-no-root-login-782818/)

jmoschetti45

01-17-2010 03:38 PM

SSH login banner/No root login

I have root login disabled in sshd_conf, but you can still put in the username root when you ssh in, just says denied even with the right password.

Is there a way to bring up a message that says denied or something instead of just allowing attempted logins? I'm not too worried about it, fail2ban will ban the IP after 2 failed attempts, but it'd be nice to have the option to not even allow attempts.

I know there's the banner.net option, but that comes up before the username.

smeezekitty

01-17-2010 03:51 PM

Well if its going to deny evreytime even if the password is correct whats the point?

jmoschetti45

01-17-2010 03:57 PM

Because people try anyways.

Any way to have iptables or something along those lines look and see what the username entered was to just ban it instantly? Not sure since I don't know if the username going through ssh is encrypted or not.

rich_c

01-17-2010 04:51 PM

I'd guess this is something that fail2ban would need to do, but I'm unable to find anything to indicate what config changes you'd need to implement it.

I think it may be a case of let them have their attempts & then get jailed!

All times are GMT -5. The time now is 09:26 AM.