Probably remove the password accept from the sshd all together. Set password authentication to “no” instead of commenting it out. One gotcha is I needed to make a config for ssh to use public key and the preferred authentication. On Mon, Aug 8, 2022 at 10:01 AM Aaron Birenboim <aaron@boim.com> wrote:
I've been getting constant ssh attacks, like several per minute.
Any suggestions? I could change the port from 22, but I don't know if that will do much.
There used to be some sort of sshd wrapper which could ban an IP after failed attempts. I think it was deprecated. The attack IP changes, but there often a few dozen attacks from the same IP. Again, some help... but not much.
I have password access disabled. (You need to have a key to ssh in). Anything else I should do?
aaron
_______________________________________________ nmglug mailing list nmglug@lists.nmglug.org http://lists.nmglug.org/listinfo.cgi/nmglug-nmglug.org