[Info-vax] SSH on VAX - performance impact of break in attempts
Ken Robinson
kenrbnsn at gmail.com
Wed Aug 25 02:11:41 EDT 2010
On Aug 25, 1:53 am, urbancamo <m... at wickensonline.co.uk> wrote:
> Good morning,
>
> I have a VAX running Multinet V5.3 under a hobbyist license which has
> an SSH server running to allow access for selected remote users. I've
> been experiencing a number of break in attempts lately, generally
> lasting for several hours each. Each attempt causes the SSH server to
> utilise 100% CPU for about 20 seconds (on a VAXstation 4000/90) - this
> is having a negative impact for users on overall system performance. I
> am using the SSH2 server.
>
> I have attempted a number of strategies to reduce this impact:
>
> 1. I have defined an AllowUsers list so only named users are allowed.
> 2. I have set AuthInteractiveFailureTimeout to 30 so that there is a
> 30 second delay between login attempts from the same host/session.
> 3. I have set RequiredAuthentications to publickey,password so that
> both a password and a valid public key are required.
>
> Unfortunately none of these strategies reduce the length of 100% CPU
> utilisation for failed login attempts.
Change the port for SSH to something other than the default of 22 (and
tell the real users of the change). This should eliminated 99% of the
breakin attempts.
Ken
More information about the Info-vax
mailing list