Re: [OT] Is it possible to hide the ip in ssh connection

[lina <lina.lastname@gmail.com>]

On Monday 20,August,2012 10:44 PM, Mika Suomalainen wrote:
> On 20.08.2012 17:02, lina wrote:
>> On Monday 20,August,2012 09:59 PM, lina wrote:
>>>> Hi,
>>>>
>>>> I ssh to a server which has 400+ users, active ones around
>>>> 100.
>>>>
>>>> Frankly speaking, I would feel comfortable to hide my IP if
>>>> possible,
>>>>
>>>> any suggestions (I checked the spoof, but seems not positive),
>>>>
>>>> Thanks with best regards,
>>>>
>>>>
>> Another question, how do I know whether there are some people are 
>> attempting to invade my laptop, my username, ip are all exposed
>> there.
> 
> If you have SSHd and that is what you are worried about, grep ssh from
> /var/log/auth.log .

This is the first time I know the auth.log

Aug 20 16:06:14 Debian sshd[10509]: Did not receive identification
string from 172.21.48.161
Aug 20 16:06:42 Debian sshd[10510]: Invalid user administrator from
172.21.48.161

Aug 20 16:06:43 Debian sshd[10510]: Failed password for invalid user
administrator from 172.21.48.161 port
56139 ssh2
Aug 20 16:06:44 Debian sshd[10510]: Connection closed by 172.21.48.161
[preauth]

172.21.48.161 is not the ip of any servers I connected to.
and for ssh I use public keys to connect to sever, don't use password.
For the whole day I didn't shut down the laptop, 172.21.50.108 is the
ip, and furthermore I checked
# more syslog | grep 172.21.48.161
# more syslog.1 | grep 172.21.48.161
my laptop has never been bound to this IP before.

I don't know shall I be a bit appalled or not.

> I'm not sure does that require loglevel being "VERBOSE" in sshd_config.
> 
> And you might also want to install something like SSHGuard (package
> sshguard) to protect your SSHd and other services, which it protects
> from attackers. http://www.sshguard.net/
Thanks very much.

Best regards,
> 
>