Hi !
The "black list" option seems to be a quite good idea.
A 'black death naughty client' doesn't need to have the server fingerprint to connect ('check server fingerprint' option unchecked).
Then he only needs to try several login & passwords to connect.
But as far as the 'black listed' IPs are entered manually, I wonder if it's possible to automaticly 'back list' IPs that attemps to connect to server with a wrong password , or that tries seval logins & password on a short delay ? (3x tries... or more, ... or as defined).
On the same idea, isn't it possible to only allow some IPs. (as far as clients have known permanent IPs), or make some kind of access-lists.
Thanks - really a great great product.
Jeff