Yi amfani da Pam_Tally2 don Kullewa da Buɗe Hoƙarin shiga na SSH da bai yi nasara ba

Ana amfani da module pam_tally2 don kulle asusun masu amfani bayan wasu adadi na ƙoƙarin shiga ssh da bai yi nasara ba ga tsarin. Wannan rukunin yana riƙe ƙididdigar hanyoyin samun dama da ƙoƙari da yawa da suka gaza.

pam_tally2 module tazo kashi biyu, daya pam_tally2.so wani kuma pam_tally2. Ya dogara ne akan tsarin PAM kuma ana iya amfani dashi don bincika da sarrafa fayil ɗin ƙira. Zai iya nuna ƙoƙarin shiga mai amfani yana ƙidaya, saita ƙididdiga akan daidaikun mutane, buɗe duk ƙididdigar mai amfani.

Ta hanyar tsoho, an riga an shigar da ƙirar pam_tally2 a kan mafi yawan abubuwan rarraba Linux kuma ƙirar PAM ce ke sarrafa ta. Wannan labarin yana nunawa akan yadda za'a kulle da buɗe asusun SSH bayan sun kai ga wasu adadin gazawar yunƙurin shiga.

Yadda Kullewa da Buɗe Asusun Mai amfani

Yi amfani da fayil ɗin daidaitawa '/etc/pam.d/password-auth' don daidaita ƙoƙarin shiga shiga. Buɗe wannan fayil ɗin kuma ƙara layin sanyi na AUTH a gare shi a farkon ɓangaren 'auth'.

auth        required      pam_tally2.so  file=/var/log/tallylog deny=3 even_deny_root unlock_time=1200

Na gaba, ƙara layi mai zuwa zuwa 'asusun' sashe.

account     required      pam_tally2.so

  1. fayil =/var/log/tallylog - Ana amfani da fayil na tsoho don adana ƙididdigar shiga.
  2. musanta = 3 - Musanta samun dama bayan ƙoƙari 3 da kulle mai amfani.
  3. even_deny_root - Ana amfani da siyasa ga tushen mai amfani.
  4. unlock_time = 1200 - Za'a kulle asusun har zuwa 20 Min. (cire waɗannan sigogin idan kana son kullewa har abada har sai da hannu ya buɗe.)

Da zarar kun yi tare da daidaitawa a sama, yanzu kuyi ƙoƙari don ƙoƙari na shiga 3 da ba a yi nasarar shiga uwar garke ta amfani da kowane 'sunan mai amfani' ba. Bayan kayi ƙoƙari sama da 3 zaka sami saƙon mai zuwa.

 ssh [email 
[email 's password:
Permission denied, please try again.
[email 's password:
Permission denied, please try again.
[email 's password:
Account locked due to 4 failed logins
Account locked due to 5 failed logins
Last login: Mon Apr 22 21:21:06 2013 from 172.16.16.52

Yanzu, tabbatar ko bincika kantin da mai amfani yayi ƙoƙari tare da umarnin mai zuwa.

 pam_tally2 --user=tecmint
Login           Failures  Latest    failure     From
tecmint              5    04/22/13  21:22:37    172.16.16.52

Yadda ake sake saitawa ko buɗe asusun mai amfani don sake samun damar shiga.

 pam_tally2 --user=tecmint --reset
Login           Failures  Latest    failure     From
tecmint             5     04/22/13  17:10:42    172.16.16.52

Tabbatar da yunƙurin shiga an sake saitawa ko buɗewa

 pam_tally2 --user=tecmint
Login           Failures   Latest   failure     From
tecmint            0

Modulea'idodin PAM ɓangare ne na duk rarraba Linux da daidaitawar da aka bayar game da su suyi aiki akan duk rarraba Linux. Yi 'mutum pam_tally2' daga layin umarni don ƙarin sani game da shi.

Karanta Har ila yau:

  1. Tukwici 5 don Amintarwa da kare Sabar SSH
  2. Toshe Harin SSH Brute Force Ta Amfani da DenyHosts