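Description:
While looking into how to limit SSH login attempts against a server, I saw a suggestion to change the MaxAuthTries parameter in the /etc/ssh/sshd_config configuration file. However, this parameter actually limits how many passwords an SSH client can try in a single connection to the server. I found a description of it, which reads as follows: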
Specifies the maximum number of authentication attempts permitted per connection. Once the number of failures reaches half this value, additional failures are logged. The default is 6.
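Implementation:
For MaxAuthTries to take effect, both the SSH server and the SSH client have to be changed.
1. Change the SSH server
# vim /etc/ssh/sshd_config
#MaxAuthTries 6    // The system default is 6. Change it as needed, for example to 2 or another value. Remember to remove the # and restart sshd so the setting takes effect.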
2. Change the SSH client
# ssh -o NumberOfPasswordPrompts=8 carl@192.168.2.200
// -o NumberOfPasswordPrompts sets how many passwords can be tried in one connection. The default is 3, meaning 3 passwords can be entered per connection, but with that default there is no way to test the effect of MaxAuthTries 6.
carl@192.168.2.200's password:
Permission denied, please try again.
carl@192.168.2.200's password:
Permission denied, please try again.
carl@192.168.2.200's password:
Permission denied, please try again.
carl@192.168.2.200's password:
Permission denied, please try again.
carl@192.168.2.200's password:
Permission denied, please try again.
carl@192.168.2.200's password:
Received disconnect from 192.168.2.200: 2: Too many authentication failures for carl
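As you can see, the system drops the connection after 6 attempts. If you need fewer attempts, change MaxAuthTries in step 1 to 2 or another value.
Of course, this can also be done through the ssh client configuration file, though I haven't tried this!
# vim /etc/ssh/ssh_config    // Add the following at the end. I haven't tried this.
NumberOfPasswordPrompts 8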
Appendix:
This setting has some effect against cases like the following, where many passwords are tried within one SSH connection:
Jan 4 03:42:13 VM_*_*_centos sshd[16678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.225.109.117 user=root
Jan 4 03:42:14 VM_*_*_centos sshd[16809]: Failed password for root from 122.225.109.117 port 59570 ssh2
Jan 4 03:42:15 VM_*_*_centos sshd[16678]: Failed password for root from 122.225.109.117 port 58205 ssh2
Jan 4 03:42:16 VM_*_*_centos sshd[16678]: Failed password for root from 122.225.109.117 port 58205 ssh2
Jan 4 03:42:17 VM_*_*_centos sshd[16809]: Failed password for root from 122.225.109.117 port 59570 ssh2
Jan 4 03:42:19 VM_*_*_centos sshd[16809]: Failed password for root from 122.225.109.117 port 59570 ssh2
Jan 4 03:42:23 VM_*_*_centos sshd[16678]: Failed password for root from 122.225.109.117 port 58205 ssh2
Jan 4 03:42:27 VM_*_*_centos sshd[16810]: Disconnecting: Too many authentication failures for root
But for cases like this one, where each SSH connection tries only 1 password, it feels like it has no real effect.
Jan 6 09:58:09 VM_*_*_centos sshd[13825]: Failed password for root from 61.147.103.152 port 35896 ssh2
Jan 6 09:58:09 VM_*_*_centos sshd[13826]: Received disconnect from 61.147.103.152: 11: Normal Shutdown, Thank you for playing
Jan 6 09:58:10 VM_*_*_centos sshd[13827]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.147.103.152 user=root
Jan 6 09:58:12 VM_*_*_centos sshd[13827]: Failed password for root from 61.147.103.152 port 36516 ssh2
Jan 6 09:58:12 VM_*_*_centos sshd[13828]: Received disconnect from 61.147.103.152: 11: Normal Shutdown, Thank you for playing
Jan 6 09:58:12 VM_*_*_centos sshd[13829]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.147.103.152 user=root
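To tell the two patterns in the appendix apart from the log itself, the following added example (not part of the original post) counts "Failed password" lines per connection and per source address. It assumes one sshd PID corresponds to one connection; the sample lines, the function names and the total_threshold value are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in the same format as the sshd logs above
# (addresses are from documentation ranges, not real hosts).
SAMPLE_LOG = """\
Jan 4 03:42:15 host sshd[2001]: Failed password for root from 203.0.113.10 port 58205 ssh2
Jan 4 03:42:16 host sshd[2001]: Failed password for root from 203.0.113.10 port 58205 ssh2
Jan 4 03:42:17 host sshd[2001]: Failed password for root from 203.0.113.10 port 58205 ssh2
Jan 6 09:58:09 host sshd[3001]: Failed password for root from 198.51.100.7 port 35896 ssh2
Jan 6 09:58:12 host sshd[3003]: Failed password for root from 198.51.100.7 port 36516 ssh2
Jan 6 09:58:15 host sshd[3005]: Failed password for root from 198.51.100.7 port 37102 ssh2
Jan 6 09:58:18 host sshd[3007]: Failed password for invalid user admin from 198.51.100.7 port 37544 ssh2
Jan 6 10:01:00 host sshd[3100]: Accepted password for carl from 192.0.2.5 port 40000 ssh2
"""

FAILED = re.compile(
    r"sshd\[(?P<pid>\d+)\]: Failed password for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def summarize(log_text):
    """Return {ip: {"total": n, "connections": c, "max_per_conn": m}}."""
    per_conn = defaultdict(lambda: defaultdict(int))  # ip -> pid -> failures
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if m:
            # Assumption: one sshd PID corresponds to one client connection.
            per_conn[m["ip"]][m["pid"]] += 1
    return {
        ip: {"total": sum(pids.values()),
             "connections": len(pids),
             "max_per_conn": max(pids.values())}
        for ip, pids in per_conn.items()
    }

def evading_sources(summary, max_auth_tries=6, total_threshold=4):
    """IPs that never reach MaxAuthTries in any single connection but still
    reach total_threshold failures overall (threshold is a hypothetical value)."""
    return sorted(ip for ip, s in summary.items()
                  if s["max_per_conn"] < max_auth_tries
                  and s["total"] >= total_threshold)

if __name__ == "__main__":
    stats = summarize(SAMPLE_LOG)
    for ip, s in stats.items():
        print(ip, s)
    print("not stopped by MaxAuthTries:", evading_sources(stats))
```

Sources returned by evading_sources are the ones a per-connection limit does not slow down, so they need a per-address control instead.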