SSH brute force attacks - PINE64 forum (https://forum.pine64.org), Mobian on PinePhone
RE: SSH brute force attacks - user641 - 06-20-2022

(06-20-2022, 08:33 AM)wibble Wrote: I've updated the wiki entry - please report back if it's still confusing or you find anything wrong.

Wow, thanks so much!!! Now it's much clearer. I will try again later.

RE: SSH brute force attacks - bitnick - 06-21-2022

(06-19-2022, 04:53 AM)user641 Wrote: Hello,

Your device will be vulnerable in theory, but the risk should be very low if you use a random eight-digit number. Eight digits, that's 100 million combinations, and sshd by default allows six auth tries before it enforces a login grace time of two minutes. So six tries every two minutes. That's 63 years to try all combinations... and that's if the intruder already knows your username.

I would be more worried about bugs/vulnerabilities in whatever service(s) I run on the phone.

RE: SSH brute force attacks - user641 - 06-21-2022

(06-21-2022, 11:38 AM)bitnick Wrote: (06-19-2022, 04:53 AM)user641 Wrote: Hello,

Interesting math perspective!

RE: SSH brute force attacks - RTP - 06-23-2022

(As an earlier reply mentioned) the Mobian Wiki is a great resource. Since you asked about PIN numbers for ssh: a while back I happened to write about securing SSH on the PinePhone, and it starts with cracking the default PIN using Hydra. I just mirrored it to WordPress in case it helps. (Part I also includes the "most popular pin numbers list" - be sure your PIN is not on this list.)

Part I: Cracking default pin demo + sshd_config settings to mitigate: https://politictech.wordpress.com/2022/06/23/%f0%9f%94%90-part-i-securing-ssh-weak-password-demo/

Part II: Add Key Auth + Learn to check SSH fingerprints: https://politictech.wordpress.com/2022/06/23/%f0%9f%94%91-ssh-part-ii-adding-key-auth-checking-fingerprints-avoid-mitm/
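An added example, not part of any post in this thread or of the linked articles: a small Python audit of sshd_config text for the settings discussed above (password/PIN login, key login, auth tries). The `max_tries_limit` threshold, the function names and the sample config are assumptions constructed for illustration.

```python
import re

# Limitations of this added example: Include files and Match blocks are not
# evaluated; `sshd -T` prints the configuration sshd actually uses.

# OpenSSH defaults applied when a keyword is absent from the file.
DEFAULTS = {
    "passwordauthentication": "yes",
    "pubkeyauthentication": "yes",
    "maxauthtries": "6",
}


def effective_settings(config_text):
    """Return global keyword -> value; sshd keeps the first value per keyword."""
    settings = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Keyword and argument are separated by whitespace and/or one "=".
        parts = re.split(r"[ \t=]+", line, maxsplit=1)
        keyword = parts[0].lower()
        if keyword == "match":
            break  # everything after the first Match line is conditional
        value = parts[1].strip().strip('"') if len(parts) > 1 else ""
        settings.setdefault(keyword, value)  # first occurrence wins
    return {**DEFAULTS, **settings}


def audit(config_text, max_tries_limit=3):
    """Return a list of findings; max_tries_limit is a policy choice assumed here."""
    cfg = effective_settings(config_text)
    findings = []
    if cfg["passwordauthentication"].lower() != "no":
        findings.append("PasswordAuthentication is enabled: the login PIN can be guessed over SSH")
    if cfg["pubkeyauthentication"].lower() == "no":
        findings.append("PubkeyAuthentication is disabled: key login is unavailable")
    if int(cfg["maxauthtries"]) > max_tries_limit:
        findings.append(f"MaxAuthTries is {cfg['maxauthtries']} (limit {max_tries_limit})")
    return findings


# Constructed sample: sshd ignores the later "PasswordAuthentication no" line.
SAMPLE = "PasswordAuthentication yes\nMaxAuthTries 6\nPasswordAuthentication no\n"

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("WARN:", finding)
```

On Debian-based systems such as Mobian the shipped sshd_config typically starts with an `Include` of `/etc/ssh/sshd_config.d/*.conf`, so values in those drop-in files are read first and take precedence over the main file.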