Bug#289573: ssh: LoginGraceTime default value
Package: ssh
Followup-For: Bug #289573
Andrew Pollock <apollock@debian.org> dixit:
> I my opinion, a LoginGraceTime of 10 minutes is really bad (...) I
> can't think of any reason why you'd want to leave an unauthenticated
> SSH connection open for that long. I think even 60 seconds is pretty
> generous.
Some people use password authentication, and among these some have
long, complex passwords, and among these some type slowly
(e.g. because on a different keyboard than used to, or because elderly
or ...). 60s is a bit short for the default value of the Debian
package, IMHO.
--
Lionel
Reply to: