Watch brute force hacking attempts fail in realtime

Originally published at: Watch brute force hacking attempts fail in realtime | Boing Boing

3 Likes

If you do have to have SSH open to the world, you’d probably want to switch to using keys rather than passwords.

8 Likes

Also, consider using ed25519 for your keys instead of rsa like the article mentions. They’re much shorter and easier to manage.

5 Likes
1 Like

Well crap. I just saw my password go by! :grinning:

2 Likes

How does length make them any easier to manage? They go in my agent and that’s that.

4 Likes

I’m trying to send an attempt, but it’s just not working.

$ ssh \
  -o PreferredAuthentications=password \
  -o PubkeyAuthentication=no \
  hucairz@mikedamm.com

I expected to see a password prompt, but I’m getting a connection refused message.


EDIT WAIT!!!

I got it. I think if you try once and fail, then your IP is blocked (I had gotten a response once before, but ignored it). I tried on a different IP address and I got this:

$ ssh -o PreferredAuthentications=password -o PubkeyAuthentication=no  exampleUser@mikedamm.com
exampleUser@mikedamm.com's password:
Permission denied, please try again.
exampleUser@mikedamm.com's password:
Permission denied, please try again.
exampleUser@mikedamm.com's password:
exampleUser@mikedamm.com: Permission denied (publickey,password).

But, sadly, I’m still not getting my 40 characters of fame on Mike’s website.

1 Like

Because they fit on a single line when/if you’re editing authorized_keys files manually. Had to clean up someone putting newline characters where they don’t belong somewhere in the obnoxiously huge rsa keys by accident today, for example; this broke ssh login for everybody on that machine.
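An added example, not part of the post above or of the thread: a check for the failure it describes, where a newline pasted into a key in authorized_keys splits it into two lines that no longer parse. The function names, the sample keys (constructed and meaningless) and the simplified option handling are assumptions of this example.

```python
import base64, binascii

KEY_TYPES = {"ssh-ed25519", "ssh-rsa", "ecdsa-sha2-nistp256",
             "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521"}

def wire_string(data: bytes) -> bytes:
    return len(data).to_bytes(4, "big") + data  # SSH wire format: length, then bytes

def blob_problem(key_type: str, b64: str):
    """Return what is wrong with the base64 key blob, or None if it parses."""
    try:
        blob = base64.b64decode(b64, validate=True)
    except (binascii.Error, ValueError):
        return "key data is not valid base64 (truncated or wrapped?)"
    fields, off = [], 0
    while off < len(blob):
        n = int.from_bytes(blob[off:off + 4], "big")
        if off + 4 + n > len(blob):
            return "key data is shorter than its own length fields say"
        fields.append(blob[off + 4: off + 4 + n])
        off += 4 + n
    ok = bool(fields) and fields[0] == key_type.encode()
    return None if ok else "key type inside the blob does not match the line"

def check_authorized_keys(text: str):
    """Return [(line_number, problem)] for each line that does not parse as a key."""
    problems = []
    for no, line in enumerate(text.splitlines(), 1):
        tokens = line.split()
        if not tokens or tokens[0].startswith("#"):
            continue
        # Simplification: option values containing quoted spaces are not parsed.
        idx = next((i for i, t in enumerate(tokens) if t in KEY_TYPES), None)
        if idx is None:
            problems.append((no, "no key type found (continuation of a wrapped key?)"))
        elif idx + 1 >= len(tokens):
            problems.append((no, "key type with no key data"))
        elif (why := blob_problem(tokens[idx], tokens[idx + 1])):
            problems.append((no, why))
    return problems

def sample_line(key_type: str, *fields: bytes, comment="user@example") -> str:
    blob = wire_string(key_type.encode()) + b"".join(wire_string(f) for f in fields)
    return f"{key_type} {base64.b64encode(blob).decode()} {comment}"

# Constructed sample lines: structurally valid, but not real key material.
ED = sample_line("ssh-ed25519", bytes(range(32)))
RSA = sample_line("ssh-rsa", b"\x01\x00\x01", b"\x00" + b"\xc3" * 256)
BROKEN = RSA[:200] + "\n" + RSA[200:]  # a newline pasted into the base64
```

Running `check_authorized_keys` over a file before copying it into place reports both halves of a split key by line number.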

Anyone who uses the password “root” for root deserves to get hacked.

1 Like

This topic was automatically closed after 5 days. New replies are no longer allowed.