Ssh does support compression, but it seems to be only if the client requests it (ssh -C).
You could, though, write a pam module to trickle data out very slowly. Maybe pam_python would be easier to experiment with.
I use pam_shield to just null route ssh connections with X failed login attempts. There's no retaliation in that approach, but it does stop the brute forcing.
If you are being adventurous, I guess you can just let them log in for a special user that has the shell set to a program that sends single characters very slowly. It is probably quite insecure, though.
Ssh does support compression, but it seems to be only if the client requests it (ssh -C).
You could, though, write a pam module to trickle data out very slowly. Maybe pam_python would be easier to experiment with.
I use pam_shield to just null route ssh connections with X failed login attempts. There's no retaliation in that approach, but it does stop the brute forcing.
If you are being adventurous, I guess you can just let them log in for a special user that has the shell set to a program that sends single characters very slowly. It is probably quite insecure, though.
I have something similar on my VPS, edit /etc/issues.net to this
fail2ban, in a general sense.
No, this is a tarpit. Fail2ban simply rejects or drops vua iptables.
https://gist.github.com/Belphemur/82d27b1b6dfd675d15f2
Tarpit Action for Fail2ban with rate limit