SSH hacked?

Knapp magick.crow at
Wed Jan 14 06:43:18 UTC 2009

> This is not as big a deterrent as you think.  A typical 'brute force'
> attack nowadays is usually 6 to seven tries an IP over the course of
> weeks or months.  This does two things, it narrows down potential
> usernames (and passwords) and makes it harder to protect against.
> That's why I use fail2ban.  Most users don't change passwords often (or,
> indeed at all) so this type of attack is more successful than you would
> think.  Granted using strong passwords helps but no matter how strong it
> is, if you don't change it regularly, it'll get hacked.
> --
> Mark Haney
>  <mhaney at>

I keep reading this bit about users not changing passwords. I am sure it is
true but Linux has options that are very easy to use that forces the users
to pick new passwords after a set amount of time. Why not just use this?

Douglas E Knapp

Amazon Gift Cards; let them choose!!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the ubuntu-users mailing list