[nmglug] ssh attacks

Akkana Peck akkana at shallowsky.com
Mon Aug 8 09:42:16 PDT 2022


John Osmon writes:
> Look into fail2ban -- it is on most linux distros I'm used to seeing.
> It may do something that helps your situation.
> 
> Changing to another port does help cosmetically.  (It also allows you to
> run something on a port that captive portals allow through -- say,
> 53...)

Both of those have helped on our server, though we still get plenty
of attacks. But if you run something like fail2ban, make sure you
have some sort of out-of-band option to get to the server in
emergencies: it's a real drag when due to some weird circumstance
you end up locked out of ssh to your own server.

        ...Akkana


More information about the nmglug mailing list