On Wed, 2004-10-27 at 14:09 -0400, Scot L. Harris wrote: > So how many ssh attempts per second can one system sustain, assuming the > attempts are from multiple systems hitting at the same time? :) > Honestly, beats me. But since I limit access using AllowUsers in /etc/ssh/sshd_config and since I primarily use certificates to log in rather than passwords, they're not going to get in within my lifetime. <grin> Even when I do use passwords (and assuming the 8-char "standard"), I always have at least one upper- and lower-case letter, one number, and one special char. So that's actually 94^8 = 6,095,689,385,410,816 or about 6.1 x 10^15. If I did my quick figures right, they'd have to exceed 1.93 million attempts per second to be statistically likely to crack my box in less than 100 years. Not bloody likely, and still very secure. <grin> Cheers, -- Rodolfo J. Paiz <rpaiz@xxxxxxxxxxxxxx>
Attachment:
signature.asc
Description: This is a digitally signed message part
