[NBLUG/talk] opensshd delay after fail

[Bob Blick]

Everybody who reads their logs sees brute force ssh login attempts, once
per second or more frequently.

For highest security, having no users and disabling interactive ssh is the
way to go, but this is impractical.

Some people have routed sshd through the pam modules to add a delay, but
pam doesn't behave the way one would like for ssh.

Has anyone found a solution that adds a delay to sshd for failed login
attempts? A patch to opensshd or an alternative to opensshd?

Thanks,

Bob