LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 09-10-2003, 11:09 AM   #1
jfmendez27
LQ Newbie
 
Registered: Sep 2003
Posts: 4

Rep: Reputation: 0
Exclamation Ssh Login Security


Hi everybody, i have a question for you.

Could be possible to block root access via ssh for an user account or an IP address after give three times a wrong password ? I mean, if an intruder gain access via an user account and try to get root access.

Could be this possible ?

Regards.


Last edited by jfmendez27; 09-10-2003 at 11:15 AM.
 
Old 09-10-2003, 01:19 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600
I'm sure it's somehow possible using PAM, but root should not be allowed to use any form of networked login, period. Use proper methods like setting up sudo and logging in as unprivileged user.

If you allow only certain users ssh access, then use sshd_config's "AllowUsers" directive to restrict access. If you allow only certain users ssh access and you know their IP addresses or ranges, then you can restrict access to those using /etc/hosts.deny,allow if OpenSSH is compiled --with-libwrap or use (x)inetd's facilities if you run sshd tru (x)inetd. To finalize it and to guard against configuration errors being single point of failures, add those addresses and ranges to your firewall script.
 
Old 09-10-2003, 06:42 PM   #3
jfmendez27
LQ Newbie
 
Registered: Sep 2003
Posts: 4

Original Poster
Rep: Reputation: 0
Thanks unSpawn

Thanks, i had already done that, but i though could be possible to do what i asked, in fact just my account have access rights to my box.

Thanks anyway.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[Security Questions] Last Login, how good is this feature for security breach info? t3gah Linux - Security 2 06-14-2005 01:02 AM
SSH Security pembo13 Linux - Security 20 09-13-2004 09:03 PM
security on ssh spank Linux - Security 1 02-26-2004 02:22 PM
ssh security ashley75 Linux - General 7 09-19-2003 11:15 AM
SSH Security 1jamie Linux - Security 2 09-08-2003 01:39 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 07:44 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration