[nmglug] ssh attacks
Wesley Robbins
wezzels at gmail.com
Mon Aug 8 09:45:35 PDT 2022
Probably remove the password accept from the sshd all together. Set
password authentication to “no” instead of commenting it out. One gotcha
is I needed to make a config for ssh to use public key and the preferred
authentication.
On Mon, Aug 8, 2022 at 10:01 AM Aaron Birenboim <aaron at boim.com> wrote:
> I've been getting constant ssh attacks, like several per minute.
>
> Any suggestions? I could change the port from 22, but I don't know if
> that will do much.
>
> There used to be some sort of sshd wrapper which could ban an IP after
> failed attempts. I think it was deprecated. The attack IP changes,
> but there often a few dozen attacks from the same IP. Again, some
> help... but not much.
>
> I have password access disabled. (You need to have a key to ssh in).
> Anything else I should do?
>
> aaron
>
>
> _______________________________________________
> nmglug mailing list
> nmglug at lists.nmglug.org
> http://lists.nmglug.org/listinfo.cgi/nmglug-nmglug.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nmglug.org/pipermail/nmglug-nmglug.org/attachments/20220808/7229b0bf/attachment.html>
More information about the nmglug
mailing list