Re: How can I secure a Debian installation?
On Tue 28 Jan 2014 at 09:46:43 +0000, Joe wrote:
> My recommendation would be to run sshd on a high port number. Before the
> usual chorus jumps in, I know *that* *does* *not* *improve* *security*,
Fine; we are in agreement.
> but it certainly gives you cleaner log files. Though over a number of
Searching /var/log/auth* for "Failed password for" gives me
5846
16247
17517
7889
7477
so we can agree there too.
> years, I've had vastly more attempts to connect to port 22 than
> full-spectrum port scans (in fact I've never had one of the latter) and
> I am forced to conclude than in my personal case, it *does* improve
> security. But put your trust in good keys, the bots are all looking to
The conclusion appears to contradict the first statement.
> do password attacks.
Putting your trust in good passwords is not misplaced.
Reply to: