can we add a password limit for trys on the ssh service after 3 attempts IP is blocked?
can we add a password limit for try's on the ssh service after 3 attempts IP is blocked? This is for use in an ISP type scenario where users are guessing the password after numerous attempts, so if we can block after so many attempts will stop this from happening
Alexandra Lightfoot commented
This could cause significant issues for customers and support. 3 tries may not be sufficient as it is not uncommon for a customer to need to try 6 or 7 different passwords (depending on local password reset policy). You could achieve a similar result with a limit of 20 tries as brute force attempts often try 100s of times.
Kayvan Javid commented
Technical note -
Obviously there are ssh specific services which provide this functionality.
However, a better long term view, which would throw in a million times more flexibility and functionality is to tie this into an IRS (intrusion reaction system) - which could provide authentication brute force protection for pretty much any service / application / protocol that exists.