OpenSSH introduces options to penalize undesirable behavior \ stacker news ~opensource

pull down to refresh

OpenSSH introduces options to penalize undesirable behavior undeadly.org/cgi?action=article;sid=20240607042157

166 sats \ 2 comments \ @beorange 7 Jun 2024 opensource

80 sats \ 1 reply \ @k00b 7 Jun 2024

We hope these options will make it significantly more difficult for
attackers to find accounts with weak/guessable passwords or exploit
bugs in sshd(8) itself.

Why not just remove passwords on all but local networks?

101 sats \ 0 replies \ @fiksn 7 Jun 2024

Which you can already do with sth like:

PasswordAuthentication no
Match address 10.0.0.0/8
    PasswordAuthentication yes
Match all

in sshd_config btw