
Bug#626112: openssh-server: ssh doesn't log some failed authentications to auth.log anymore



On Thu, 2011-07-28 at 15:17 +0100, Colin Watson wrote:
> As far as I can tell, nothing relevant has changed in OpenSSH at all
> recently.
OK... weird... maybe there's something I don't see or I forgot... I was
quite sure that it "worked" like that and I changed nothing...
Nevertheless...


> I don't think it's
> reasonable to regard this bug as release-critical, so I'm downgrading
> it.
Yeah, that's probably ok.
I mean... failed authentications with public key are usually harmless
anyway... as you can't (well, in practice) do brute force attacks there.

On the other hand failed pubkey auth tries _are_ in some way security
relevant, as they could be some form of [D]DoS... and that's where
fail2ban would be at least somewhat handy.

Do you think it makes sense to ask Damien to change the default
behaviour here?


> You may have only started to notice this recently due to external
> factors; for example, perhaps your attackers have started to use
> authentication methods other than password?
Actually I noticed it when testing some improved iptables rules myself
from a remote host...


Cheers,
Chris.
