Help with secure configuration

Dario Piantanida dario.piantanida at gmail.com
Fri Oct 3 16:43:44 WST 2014


Hello, I'm a happy dropbear user for my LG ARM Debian 6 NAS.

To allow me to access it from internet, I exposed NAS port 22 on my home
router.
Yesterday I saw a nice Chinese gentleman trying and trying to login as root
on my NAS, so I would like to strengthen the configuration.

First I would like to know if it is possibile to ban an IP after too many
failed attempts.

Second I would like to allow password login from within the LAN and require
certificate login from outside: is this possible?

Last thing: I test modifications to my NAS on a ARM QEMU VM with Debian 6
installed; when I try to put latest dropbear there (sudo dpkg -i), it says
(I can't cut&paste):

Restarting dropbear SSH server: ipv6: Unknown symbol udp_push_pending_frames
invoke-rc.d: initscript dropbear (--install):
   the subprocess for old post-installation script returned error state 1
Errors isntalling dropbear

and it is not there.
Does anybody know how to fix this?

Thank you very much!
Dario
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/attachments/20141003/3ba93c24/attachment.htm 


More information about the Dropbear mailing list