[nmglug] ssh attacks

Wesley Robbins wezzels at gmail.com
Mon Aug 8 09:45:35 PDT 2022


Probably remove the password accept from the sshd all together.  Set
password authentication to “no” instead of commenting it out.    One gotcha
is I needed to make a config for ssh to use public key and the preferred
authentication.

On Mon, Aug 8, 2022 at 10:01 AM Aaron Birenboim <aaron at boim.com> wrote:

> I've been getting constant ssh attacks, like several per minute.
>
> Any suggestions?   I could change the port from 22, but I don't know if
> that will do much.
>
> There used to be some sort of sshd wrapper which could ban an IP after
> failed attempts.  I think it was deprecated.   The attack IP changes,
> but there often a few dozen attacks from the same IP. Again, some
> help...  but not much.
>
> I have password access disabled.  (You need to have a key to ssh in).
> Anything else I should do?
>
> aaron
>
>
> _______________________________________________
> nmglug mailing list
> nmglug at lists.nmglug.org
> http://lists.nmglug.org/listinfo.cgi/nmglug-nmglug.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nmglug.org/pipermail/nmglug-nmglug.org/attachments/20220808/7229b0bf/attachment.html>


More information about the nmglug mailing list