Re: RFC: changes to default password strength checks in pam_unix

To: debian-devel@lists.debian.org
Subject: Re: RFC: changes to default password strength checks in pam_unix
From: Lars Wirzenius <liw@iki.fi>
Date: Tue, 04 Sep 2007 12:31:15 +0300
Message-id: <[🔎] 1188898275.31104.17.camel@dorfl.lan>
In-reply-to: <[🔎] Prayer.1.0.18.0709032340070.5389@daves.isp2dial.com>
References: <[🔎] 20070902194736.GA10366@dario.dodds.net> <[🔎] 1188873845.31104.2.camel@dorfl.lan> <[🔎] Prayer.1.0.18.0709032340070.5389@daves.isp2dial.com>

ma, 2007-09-03 kello 23:40 -0400, John Kelly kirjoitti:
> On Sep 3, Lars Wirzenius wrote:
> >That is arguably better than having passwords which can be guessed by
> >doing brute-force attackes over ssh.
> 
> I stop brute force attacks by sending auth log messages to a FIFO which I 
> read with a perl script. After 10 login failures, your IP is firewalled for 
> 24 hours.
> 
> Works great.

I'm sure it does work great. Can you work on making sure it is the
default in lenny if openssh-server is installed?

-- 
Talk is cheap. Whining is actually free.

Reply to:

Follow-Ups:
- Re: RFC: changes to default password strength checks in pam_unix
  - From: John Kelly <jak@isp2dial.com>
- Re: RFC: changes to default password strength checks in pam_unix
  - From: "Dwayne C. Litzenberger" <dlitz@dlitz.net>

References:
- RFC: changes to default password strength checks in pam_unix
  - From: Steve Langasek <vorlon@debian.org>
- Re: RFC: changes to default password strength checks in pam_unix
  - From: Lars Wirzenius <liw@iki.fi>
- Re: RFC: changes to default password strength checks in pam_unix
  - From: John Kelly <jak@isp2dial.com>

Prev by Date: Re: RFC: changes to default password strength checks in pam_unix
Next by Date: Re: RFC: changes to default password strength checks in pam_unix
Previous by thread: sshd defaults (Re: RFC: changes to default password strength checks in pam_unix)
Next by thread: Re: RFC: changes to default password strength checks in pam_unix
Index(es):
- Date
- Thread