[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] SSH login attempts

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] SSH login attempts
From: Sean Brown <just@xxxxxxxxxxxxxxx>
Date: Tue, 4 Sep 2018 08:44:27 -0400
Arc-authentication-results: i=1; mx.zoho.com; dkim=pass header.i=bumponalog.info; spf=pass smtp.mailfrom=just@xxxxxxxxxxxxxxx; dmarc=pass header.from=<just@xxxxxxxxxxxxxxx> header.from=<just@xxxxxxxxxxxxxxx>
Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1536065069; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To:ARC-Authentication-Results; bh=DX/UwD0f+7HEk3+asgyea/bm71ukhawp8pdJenFlWGY=; b=YJ3r0qLzzUvgwWi257ThFm/cqPRpdGj9R8l4EMFx7w/pWqYuSSKpnZLcX8it3k4bH9LO4t+L5s/0vsDBUEy0FS5j3CTNFwCn7woYJe4Y8UxUUBAdsVKJJ+5NCELTnrDLitUOwlEMcGYLhdf5fPOwl9JR4YNeoj+Jn0JIYhzpWio=
Arc-seal: i=1; a=rsa-sha256; t=1536065069; cv=none; d=zoho.com; s=zohoarc; b=bbMs9F1JG5IZ6wm17FrDOcSaPqg2su8gfaHPwNdtZJ2sweDqoIIJj7fzyu1VeHsmMfY1ronWi7rGtSYkyHWexWLy6yIhMCBhftwmaKRyVAsm9WiSmOv9pq+VhOQmNtI1PitIlr7/w6loCGWP86kOgGGx3gxxTwa3y78XL/WF0OE=
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 04 Sep 2018 08:44:44 -0400
In-reply-to: <20180904124056.r7abkpapyq7u74mt@riseup.net>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <9FAA393D-380B-4C0A-B4AF-76C0EE9E8BAD@mailbox.org> <732405187.141449.1536064730373.JavaMail.zimbra@apawc.com.au> <20180904124056.r7abkpapyq7u74mt@riseup.net>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

On Sep 4, 2018, at 8:40 AM, Natus <natus@xxxxxxxxxx> wrote:
> 
>> Use some tool like fail2ban and/or ssh key authentication.
> 
> Also change the default port of your ssh endpoint (eg: 2222)
> 
> 

Using an obscure port only prevents attempts being logged, nothing else. And if you’re going to use an alternate port, pick one under 1024. Make it so an attacker needs to be root before they replace your sshd process.
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] SSH login attempts
  - From: Nathaniel Suchy
- Re: [tor-relays] SSH login attempts
  - From: Ralph Seichter

References:
- [tor-relays] SSH login attempts
  - From: Marcus Wahle
- Re: [tor-relays] SSH login attempts
  - From: Paul Templeton
- Re: [tor-relays] SSH login attempts
  - From: Natus

Prev by Author: Re: [tor-relays] SSH login attempts
Next by Author: Re: [tor-relays] Multi node management programs/platforms?
Previous by thread: Re: [tor-relays] SSH login attempts
Next by thread: Re: [tor-relays] SSH login attempts
Index(es):
- Author
- Thread