To add a collaborator to this project you will need to use the Relish gem to add the collaborator via a terminal command. Soon you'll be able to also add collaborators here!
More about adding a collaboratorSecurity
As a consumer
I want all satellite secure shell access temporarily disabled after several failed login attempts
So that intruders cannot cause trouble on my satellite
- Scenarios
-
- good password
- one bad password
- one bad password does not lock me out
- five bad passwords locks me out
- satellite lockout is temporary
- six slow bad password does not lock me out
- default security
- good password
-
- Given
- a satellite with default security policy
- When
- I ssh with a good password
- Then
- I login ok
- one bad password
-
- Given
- a satellite with default security policy
- When
- I ssh with a bad password
- Then
- I see "Auth fail"
- one bad password does not lock me out
-
- Given
- a satellite with 1 strike against it
- When
- I ssh with a good password
- Then
- I login ok
- five bad passwords locks me out
-
- Given
- a satellite with 5 strikes against it
- When
- I ssh with a good password
- Then
- I see "Connection refused"
- satellite lockout is temporary
-
- Given
- a satellite with a 2 minute lockout time policy
- And
- 5 strikes against it
- When
- I wait 3 minutes
- And
- I ssh with a good password
- Then
- I login ok
- six slow bad password does not lock me out
-
- Given
- a satellite with 3 strikes against it
- When
- I wait 6 minutes
- And
- I ssh with a bad password 3 times
- And
- I ssh with a good password
- Then
- I login ok
- default security
-
- Given
- a satellite with factory security policy
- When
- I check that security policy
- Then
- I see "max_auth_failures" is 5 attempts
- And
- I see "lockout_time" is 30 minutes
- And
- I see "collection_period" is 300 seconds
Last published over 7 years ago by awostenberg.