Re: Undesired ssh login attempts

To: debian-user@lists.debian.org
Subject: Re: Undesired ssh login attempts
From: Dan Purgert <dan@djph.net>
Date: Sun, 10 Jun 2018 11:09:49 -0000 (UTC)
Message-id: <[🔎] slrnphq1nt.3q1.dan@xps-linux.djph.net>
References: <[🔎] pfivuk$mlt$1@blaine.gmane.org>

deloptes wrote:
> Hi,
> I recently get many of those, which means someone found out that ssh
> external is on port 22222 and is trying to do some evil work there.
> Should I worry or do something?

Use key-based auth only
Ensure root ssh login is not allowed
Perhaps fail2ban (or equivalent)
Perhaps forget about funny ports (as they're "security by obscurity" at
best).

-- 
|_|O|_| Registered Linux user #585947
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281

Reply to:

Follow-Ups:
- Re: Undesired ssh login attempts
  - From: Roberto C. Sánchez <roberto@debian.org>
- Re: Undesired ssh login attempts
  - From: Thomas D Dial <tdial@acm.org>

References:
- Undesired ssh login attempts
  - From: deloptes <deloptes@gmail.com>

Prev by Date: Undesired ssh login attempts
Next by Date: [no subject]
Previous by thread: Undesired ssh login attempts
Next by thread: Re: Undesired ssh login attempts
Index(es):
- Date
- Thread