PHWinfo - Afficher un message - using PubkeyAuthentication, still getting dictionary attacks!

05/10/2006, 16h11

Nomen Nescio wrote:

> I used to run my ssh server on a high port no. to avoid the dictionary
> attacks. It worked quite well but I've had to go back to good ol' port
> 22 because I've been plugging laptop into networks with *crazy*
> restrictions like blocking huge ranges of client ports except for
> specific services.
>
> So I've changed the server config to allow PubkeyAuthentication only,
> and that's working fine, BUT the dictionary attacks are still
> coming. (See below for the sort of stuff I mean, in syslog.)
>
> AIUI, dictionary attacks on PubkeyAuthentication are hopeless, and I'm
> surprised the attacking "clients" try it. Am I right? Why do they keep
> trying? Anything else I can/should do?

How should they know you have disabled password authetication? (you did,
didn't you?)
--
Cezary Morga

05/10/2006, 16h11	#2
Cezary Morga Messages: n/a Hébergeur:	Re: using PubkeyAuthentication, still getting dictionary attacks! Nomen Nescio wrote: > I used to run my ssh server on a high port no. to avoid the dictionary > attacks. It worked quite well but I've had to go back to good ol' port > 22 because I've been plugging laptop into networks with crazy > restrictions like blocking huge ranges of client ports except for > specific services. > > So I've changed the server config to allow PubkeyAuthentication only, > and that's working fine, BUT the dictionary attacks are still > coming. (See below for the sort of stuff I mean, in syslog.) > > AIUI, dictionary attacks on PubkeyAuthentication are hopeless, and I'm > surprised the attacking "clients" try it. Am I right? Why do they keep > trying? Anything else I can/should do? How should they know you have disabled password authetication? (you did, didn't you?) -- Cezary Morga