Hi All,
It seems my MaxAuthTries doesn't work as I expected?
My understanding is, this attribute limits amount of password keyed (or in my case security key for my public key) when connecting to my SSH server.
Below is my sshd_config:
Code:
Port 1000
AddressFamily any
AuthorizedKeysFile %h/.ssh/authorized_keys
AllowTcpForwarding no
Banner /etc/ssh/banner
ChallengeResponseAuthentication no
ciphers aes256-cbc
ClientAliveCountMax 2
ClientAliveInterval 2
Compression delayed
GSSAPIAuthentication no
HostbasedAuthentication no
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
IgnoreRhosts yes
IgnoreUserKnownHosts yes
KeyRegenerationInterval 3600
LoginGraceTime 15s
LogLevel VERBOSE
MaxAuthTries 6
PasswordAuthentication no
PermitEmptyPasswords no
PermitRootLogin no
PrintMotd yes
Protocol 2
PubKeyAuthentication yes
RhostsRSAAuthentication no
RSAAuthentication yes
ServerKeyBits 1024
StrictModes yes
SyslogFacility AUTH
UsePrivilegeSeparation yes
TCPKeepAlive yes
X11Forwarding no
MaxStartups 3:50:10
The only one that stopping people login to my SSH server is that LoginGraceTime which is 15 seconds, after that period, the person is disconnected; but seems I able to key-in more than 3x of wrong passwords within that 15 seconds window...
Any help would be great, thanks!!
Bookmarks