#2795 Investigate disabling password SSH auth everywhere.
Closed: Fixed. Opened 12 years ago by ricky.

We can make sure that SSH password brute force attacks fail entirely by requiring public key auth on all of our machines.


Done as of a few seconds ago; this change will be pushed out to the servers within the hour.

Recording our rationale for posterity:

Logging in via passwords is already disallowed on bastion and pkgs and other machines that are public facing. We have left this protection out of publictest unintentionally and have, in the past, left it out intentionally for internal-only hosts (so that people didn't have to forward their agents, which could be subverted).

At this time, we think that the temporary subversion from a forwarded agent is less severe than having a password permanently compromised if it is typed in when ssh'ing from/to a compromised box. Additionally, turning this off keeps us protected from brute force password attacks attempting to log in to our public-facing boxes. So we're going to turn this off globally.
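The setting the ticket rolls out fleet-wide is `PasswordAuthentication no` in `sshd_config`, and the thing that usually goes wrong afterwards is a host that still accepts passwords through a quirk of how sshd reads its config. The script below is an added example, not code from this ticket or from Fedora Infrastructure; it audits an `sshd_config` for key-only logins, catching two traps: sshd honours the first occurrence of a keyword (so a `no` appended below an earlier `yes` is ignored), and PAM can still prompt for a password over keyboard-interactive auth unless that is off too. The two config files it writes and their paths are constructed for the example.

```shell
#!/bin/sh
# Added example, not code from the Fedora Infrastructure ticket above.
# Audits an sshd_config for the change the ticket makes everywhere: password
# logins off, public-key auth on. The config contents and file paths below are
# constructed for the example.

# Print the effective top-level value of one sshd_config keyword, lowercased.
# Two sshd quirks matter here: for each keyword the FIRST occurrence wins
# (an appended "PasswordAuthentication no" after an earlier "yes" is ignored),
# and everything after a "Match" line is conditional, so we stop reading there.
ssh_effective() {
    awk -v key="$2" '
        BEGIN { key = tolower(key) }
        /^[[:space:]]*#/ || NF == 0 { next }          # comments and blank lines
        tolower($1) == "match" { exit }               # conditional section begins
        tolower($1) == key { print tolower($2); exit } # first occurrence wins
    ' "$1"
}

# Print every Match block that turns password auth back on; such blocks are
# the usual way a fleet-wide "no" gets quietly undone for one host or user.
ssh_match_reenables_passwords() {
    awk '
        /^[[:space:]]*#/ || NF == 0 { next }
        tolower($1) == "match" { ctx = $0; next }
        ctx != "" && tolower($1) == "passwordauthentication" && tolower($2) == "yes" { print ctx }
    ' "$1"
}

# Exit 0 when the file enforces key-only logins, 1 otherwise, listing findings.
# Defaults (used when a keyword is absent) are sshd's own: password and
# keyboard-interactive auth are both ON unless explicitly set to "no".
ssh_audit() {
    cfg="$1"; findings=0
    pw=$(ssh_effective "$cfg" PasswordAuthentication)
    kbd=$(ssh_effective "$cfg" KbdInteractiveAuthentication)
    chal=$(ssh_effective "$cfg" ChallengeResponseAuthentication)   # older spelling
    pub=$(ssh_effective "$cfg" PubkeyAuthentication)

    [ "${pw:-yes}" = "no" ] || { echo "$cfg: PasswordAuthentication is effectively '${pw:-yes}'"; findings=$((findings + 1)); }
    # With UsePAM yes, PAM can still ask for a password over keyboard-interactive,
    # so the newer and older names of that knob must both resolve to "no".
    [ "${kbd:-${chal:-yes}}" = "no" ] || { echo "$cfg: keyboard-interactive (PAM password) auth still enabled"; findings=$((findings + 1)); }
    [ "${pub:-yes}" = "yes" ] || { echo "$cfg: PubkeyAuthentication is '$pub'; nobody could log in"; findings=$((findings + 1)); }
    reen=$(ssh_match_reenables_passwords "$cfg")
    if [ -n "$reen" ]; then
        echo "$cfg: password auth re-enabled under:"; echo "$reen" | sed 's/^/    /'
        findings=$((findings + $(echo "$reen" | wc -l)))
    fi
    [ "$findings" -eq 0 ]
}

# Constructed sample configs (not Fedora's real files).
WORK=$(mktemp -d)
WEAK_CFG="$WORK/sshd_config.weak"
HARD_CFG="$WORK/sshd_config.hardened"

cat > "$WEAK_CFG" <<'EOF'
# Looks disabled at a glance, but the first PasswordAuthentication line wins.
PasswordAuthentication yes
PasswordAuthentication no
UsePAM yes
Match User deploy
    PasswordAuthentication yes
EOF

cat > "$HARD_CFG" <<'EOF'
PubkeyAuthentication yes
PasswordAuthentication no
KbdInteractiveAuthentication no
ChallengeResponseAuthentication no
UsePAM yes
EOF

# Demo run: the weak file fails with three findings, the hardened one passes.
for f in "$WEAK_CFG" "$HARD_CFG"; do
    if ssh_audit "$f"; then echo "$f: OK, key-only logins enforced"; fi
done
```

On a live host the authoritative answer is the daemon's own view rather than the file: `sshd -T` prints the effective configuration, and `sshd -T -C user=deploy,host=example,addr=10.0.0.5` evaluates the Match blocks for a given connection, which is the check to run after pushing the change out before trusting that passwords are really off.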
