This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

A lot of Failed SSH login

Hi,
I just got my Astaro firewall working. I'm getting about 20 Failed SSH login alerts a day. They are all from different IPs. What is the recommended settings for this situation? I do not connect via SSH so I can just turn it off. So far I've only manage Astaro via the web interface but once I learn more I may want to access Linux on it.
Thanks,
Ryan

This thread was automatically locked due to age.

0 AngeloC over 15 years ago

Hi Ryan,

Easiest way to avoid this is just to limit the "allowed networks" for the SSH login to the internal network only. These types of "attempts" arent really targeted, just random bots scouring the web looking for vulnerable hosts (which we are not) to exploit with their payloads, so while it cant damage you , it's a good practice to limit the visiblity of the ssh, or turn it off altogether if you don't need it. Limiting it to the internal network is what I normally do; if i need to access it from the outside world via the CLI, just VPN in first then make your connection to the private IP of your ASG. To do that, you have to then add the VPN pool of addresses to the ssh allowed networks as well, or else you'll be jumping via remote desktop from a lan machine [;)]
Cancel
Vote Up 0 Vote Down

Cancel
0 mynameisRyan over 15 years ago

Sounds like a good plan...Thank you.

Ryan
Cancel
Vote Up 0 Vote Down

Cancel