[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] SSH login attempts



> Using an obscure port only prevents attempts being logged, nothing else. And if you’re going to use an alternate port, pick one under 1024. Make it so an attacker needs to be root before they replace your sshd process.
If you take that approach, make sure you are using a hardware firewall blocking inbound connections to ports above 1024.

Also SSH Keys, password auth disabled is enough - you don't even need to change your SSH port :D

On Tue, Sep 4, 2018 at 8:44 AM Sean Brown <just@xxxxxxxxxxxxxxx> wrote:
On Sep 4, 2018, at 8:40 AM, Natus <natus@xxxxxxxxxx> wrote:
>
>> Use some tool like fail2ban and/or ssh key authentication.
>
> Also change the default port of your ssh endpoint (eg: 2222)
>
>


Using an obscure port only prevents attempts being logged, nothing else. And if you’re going to use an alternate port, pick one under 1024. Make it so an attacker needs to be root before they replace your sshd process.
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays