Hacker News new | past | comments | ask | show | jobs | submit login

2 simple lines in /etc/ssh/sshd_config fix the problem:

  PermitRootLogin no
  PasswordAuthentication no



I know I am preaching to the choir, but ANY login for any port or protocol should have rate limiting and non-default passwords.

Burp suite can easily crack web logins if you allow hundreds of logins per second for a single user.




Consider applying for YC's Summer 2025 batch! Applications are open till May 13

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: