[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Securing SSH: Does disabling password authentication work?

On Mon, Oct 03, 2005 at 10:14:58AM -0500, Steve Block wrote:
> I looked at my logs and found that every one of these attacks used
> password authentication when trying to authenticate to the server.
> This gave me the idea that I could disable password authentication
> while leaving the keyboard-interactive (through pam) and public key
> based systems active.
> Am I right in assuming that the password based scripted login attempts
> will fail even if they somehow (heaven forbid) guess a valid password?
> Is there an easy way to test this? 

Are you still getting a long list of dictionary attack attempts in your

Jon Dowland

Reply to: