Probably remove the password accept from the sshd all together. Set password authentication to “no” instead of commenting it out. One gotcha is I needed to make a config for ssh to use public key and the preferred authentication.
On Mon, Aug 8, 2022 at 10:01 AM Aaron Birenboim <
aaron@boim.com> wrote:
I've been getting constant ssh attacks, like several per minute.
Any suggestions? I could change the port from 22, but I don't know if
that will do much.
There used to be some sort of sshd wrapper which could ban an IP after
failed attempts. I think it was deprecated. The attack IP changes,
but there often a few dozen attacks from the same IP. Again, some
help... but not much.
I have password access disabled. (You need to have a key to ssh in).
Anything else I should do?
aaron
_______________________________________________
nmglug mailing list
nmglug@lists.nmglug.org
http://lists.nmglug.org/listinfo.cgi/nmglug-nmglug.org