It's crazy to watch the auth.log on a system with an Internet exposed port 22. Seriously.
@mike I just disable password auth. Nobody is going to guess my private key.
@vitSkalicky @mike yes, disabling password auth and enabling fail2ban are the two essential configurations I do on every system that needs public ssh.
We once took over a legacy server from another company, with some software we planned to migrate. As the server was supposed to be put out of service, nobody paid much attention to the config. Turned out it had password auth enabled and likely a weak password. Took only a couple of days and the system was breached and backdoored :/
@outsidecontext @mike But does fail2ban achieve anything useful if password auth is disabled?
@vitSkalicky @mike less so, but I think it still helps to discourage attackers from probing the server. And certain security issues often still require attackers to try many requests.