You must log in or register to comment.
Repeated offenses by the same client address will accrue greater penalties, up to a configurable maximum. A PerSourcePenaltyExemptList option allows certain address ranges to be exempt from all penalties. We hope these options will make it significantly more difficult for attackers to find accounts with weak/guessable passwords or exploit bugs in sshd(8) itself.
Nice rate limiting
So we‘re making fail2ban obsolete for this usecase?
Yes, if that’s the only reason one is using
fail2ban
. Honestly, I won’t miss it.
In the old days we called it tar pitting.
Tell me in the old days there were other things that could happen. Like feathering somebody after tar pitting. I dont know what that would’ve meant. Maybe servers ridiculing an attacker or something.
Tar pitting sounds way more fun than rate limiting >.>