06-21-2022, 04:45 PM
(06-21-2022, 11:38 AM)bitnick Wrote:(06-19-2022, 04:53 AM)user641 Wrote: Hello,
If I setup a SSH connection simply using the password, with a numerical passwordof 8 digits it will be very easily crackable right? If I let port 22 open on the pine phone, and I connect to another wifi than my lan, or to 4g, will my device be vulnerable to brute force attacks?
Your device will be vulnerable in theory, but the risk should be very low if you use a random eight-digit number. Eight digits, that's 100 million combinations, and sshd by default allows sex auth tries before it enforces a login grace time of two minutes. So six tries every two minutes. That's 63 years to try all combinations... and that's if the intruder already knows your username.
I would be more worried about bugs/vulnerabilities in whatever service(s) I run on the phone.
Interesting math perspective!