月度归档:2014年01月

在OpenSSH Server中禁用单个用户的密码登陆

最近发现有人老尝试登陆我的路由,让我感到非常不高兴。

于是稍微再网上做了一下搜索,找到了这个帖子,里面指出了解决办法:

1:直接禁用了该用户的密码。这个显然不符合我们的要求,禁用了之后luci不就废了么?

2:在sshd_config的最后,加上这么一段:

Match User myusername
PasswordAuthentication no

然后重启sshd,再次登陆的时候,就收到了提示,

Permission denied (publickey,keyboard-interactive)

OK了~

再去看系统日志,满屏的

Jan 17 11:53:04 Ferrets-Router auth.info sshd[9868]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:05 Ferrets-Router auth.info sshd[9870]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:05 Ferrets-Router auth.info sshd[9872]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:06 Ferrets-Router auth.info sshd[9874]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:07 Ferrets-Router auth.info sshd[9876]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:08 Ferrets-Router auth.info sshd[9878]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:08 Ferrets-Router auth.info sshd[9880]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:09 Ferrets-Router auth.info sshd[9882]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:10 Ferrets-Router auth.info sshd[9884]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:11 Ferrets-Router auth.info sshd[9886]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:11 Ferrets-Router auth.info sshd[9888]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:12 Ferrets-Router auth.info sshd[9890]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:13 Ferrets-Router auth.info sshd[9892]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:13 Ferrets-Router auth.info sshd[9894]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:14 Ferrets-Router auth.info sshd[9896]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:15 Ferrets-Router auth.info sshd[9898]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:16 Ferrets-Router auth.info sshd[9900]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:16 Ferrets-Router auth.info sshd[9902]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:17 Ferrets-Router auth.info sshd[9904]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:18 Ferrets-Router auth.info sshd[9906]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:18 Ferrets-Router auth.info sshd[9908]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:19 Ferrets-Router auth.info sshd[9910]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:20 Ferrets-Router auth.info sshd[9912]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:21 Ferrets-Router auth.info sshd[9914]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:21 Ferrets-Router auth.info sshd[9916]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:22 Ferrets-Router auth.info sshd[9918]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:23 Ferrets-Router auth.info sshd[9920]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:23 Ferrets-Router auth.info sshd[9922]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:24 Ferrets-Router auth.info sshd[9924]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:25 Ferrets-Router auth.info sshd[9926]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:26 Ferrets-Router auth.info sshd[9928]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:26 Ferrets-Router auth.info sshd[9930]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:27 Ferrets-Router auth.info sshd[9932]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:28 Ferrets-Router auth.info sshd[9934]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:28 Ferrets-Router auth.info sshd[9936]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:29 Ferrets-Router auth.info sshd[9938]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:30 Ferrets-Router auth.info sshd[9940]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:31 Ferrets-Router auth.info sshd[9942]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:31 Ferrets-Router auth.info sshd[9944]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:32 Ferrets-Router auth.info sshd[9946]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:33 Ferrets-Router auth.info sshd[9948]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:33 Ferrets-Router auth.info sshd[9950]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:34 Ferrets-Router auth.info sshd[9952]: Disconnecting: Too many authentication failures for root [preauth]
Jan 17 11:53:36 Ferrets-Router auth.crit sshd[9954]: fatal: Read from socket failed: Connection reset by peer [preauth]

这孩子还是没放弃呢……不过毫无疑问,破解密码这种事情就别妄想了。