This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSH autoblock?

Ok so I know that I'll be all but chastised but I like having external SSH open.. I like having the "tool" of a linux box that I can get to from anywhere for pinging external hosts, usually nmapping and even dig'ing hosts from work thereby removing our firewalls and routers from the mix.  It's proven quite useful in the past.

However I noticed that today I had some jerks trying to brute force my ssh login.  So what I'm wondering is.. Has anyone installed autoblobk or is there any type of Astaro friendly ip blocking mechanism that I can use in this case?  (even if it voids my warranty ;p)

I assume similar to my ifled modification.. I assume other compiled binaries "might" work.  Or, not being an SSH guru myself, does it support something of this nature natively?

Thanks

This thread was automatically locked due to age.

0 BarryG over 15 years ago

Hi, I'd recommend setting up one of the remote access VPNs in Astaro with your laptop or PCs or whatever; then you can VPN in, and SSH in without having SSH open to the world.

Otherwise, just make sure that the passwords for 'loginuser' and 'root' are more than 8 chars and you should be fine.

Barry
Cancel
Vote Up 0 Vote Down

Cancel
0 bryanjacobs over 15 years ago

You can do what Barry said or if your into editing your sshd_config (template) you can disable password authentication and then only enable public/private keys and this will prevent any sort of bruteforce password guessing. This is how I do it.
Cancel
Vote Up 0 Vote Down

Cancel