Re: ssh doesn't work.

To: debian-user@lists.debian.org
Subject: Re: ssh doesn't work.
From: Reco <recoverym4n@gmail.com>
Date: Thu, 8 Dec 2016 01:18:38 +0300
Message-id: <[🔎] 20161208011838.6c4f956a1bc9e5d7102bba94@gmail.com>
In-reply-to: <[🔎] 20161207205446.GA9605@smallapple.itcfollmann.com>
References: <[🔎] CAP6JtwjnYtX+CC-_f2eGOsNdO99T_sErvoODKTLZC54MaZeGJQ@mail.gmail.com> <[🔎] 20161206062205.GZ21587@bitfolk.com> <[🔎] CAP6JtwjW5pcU5FBO-Hs+F0boD5F8fzKEMp4PJ3EmnRTbYhN9UA@mail.gmail.com> <[🔎] 20161207160724.GA7410@smallapple.itcfollmann.com> <[🔎] CAP6JtwhWNbky===Q1mwB22ZA+WC3WZrq_ZosQR9WS7yhqUShXg@mail.gmail.com> <[🔎] 20161207182323.GA8703@smallapple.itcfollmann.com> <[🔎] 20161207184934.GV28989@eeg.ccf.org> <[🔎] 20161207191451.GA682@nothingtosee.org> <[🔎] 20161207232853.4b2df0df80a32874e699177a@gmail.com> <[🔎] 20161207205446.GA9605@smallapple.itcfollmann.com>

On Wed, 7 Dec 2016 15:54:46 -0500
Henning Follmann <hfollmann@itcfollmann.com> wrote:

> On Wed, Dec 07, 2016 at 11:28:53PM +0300, Reco wrote:
> > 	Hi.
> > 
> > On Wed, 7 Dec 2016 21:14:51 +0200
> > Antti Talsta <atalsta@nothingtosee.org> wrote:
> > 
> > > On Wed, Dec 07, 2016 at 01:49:34PM -0500, Greg Wooledge wrote:
> > > 
> > > > Changing the port at least decreases the number of brute force attacks
> > > > against you, which saves resources (bandwidth, CPU) that are otherwise
> > > > wasted by the attackers.
> > > 
> > > How about fail2ban for that?
> > 
> > How fail2ban can help against an army of bots trying one single
> > password per bot?
> > 
> That actually works well. Usually it's multiple attempts from one ip.
> fail2ban catches exactly that. And then blacklists that ip.

Probably it is so. It's been awhile since I ran publicly accessible
sshd on port 22 with password authentication enabled.

Personally I prefer a bunch of simple iptables rules to fail2ban
though. After all, why bother running a userspace tool, if you can
force the kernel itself to do the job?

Reco

Reply to:

Follow-Ups:
- Re: ssh doesn't work.
  - From: Darac Marjal <mailinglist@darac.org.uk>

References:
- ssh doesn't work.
  - From: EenyMeenyMinyMoa <eenymeenyminymoa@gmail.com>
- Re: ssh doesn't work.
  - From: Andy Smith <andy@strugglers.net>
- Re: ssh doesn't work.
  - From: EenyMeenyMinyMoa <eenymeenyminymoa@gmail.com>
- Re: ssh doesn't work.
  - From: Henning Follmann <hfollmann@itcfollmann.com>
- Re: ssh doesn't work.
  - From: EenyMeenyMinyMoa <eenymeenyminymoa@gmail.com>
- Re: ssh doesn't work.
  - From: Henning Follmann <hfollmann@itcfollmann.com>
- Re: ssh doesn't work.
  - From: Greg Wooledge <wooledg@eeg.ccf.org>
- Re: ssh doesn't work.
  - From: Antti Talsta <atalsta@nothingtosee.org>
- Re: ssh doesn't work.
  - From: Reco <recoverym4n@gmail.com>
- Re: ssh doesn't work.
  - From: Henning Follmann <hfollmann@itcfollmann.com>

Prev by Date: Re: ssh doesn't work.
Next by Date: Re: default "Default-Release" for APT
Previous by thread: Re: ssh doesn't work.
Next by thread: Re: ssh doesn't work.
Index(es):
- Date
- Thread