34
BadFox
6y

I'm glad someone is having fun.

Comments
  • 9
    I would be kinda terrified

    I know a couple of resources on making your ssh host secure, but still... I'm no sysadmin...
  • 10
    install fail2ban, problem solved
  • 4
    @bytecode can it accidentally ban yourself?
  • 2
    @bytecode it's installed, I've just been lazy enough to put off configuring it for quite some time.
  • 2
    @erandria I've been thinking of just using generated keys. Probably 2048-bit or more.
  • 8
    showing your IP [92.238.*.*] to the public? :) Brave.

    Also, my guys are more lazy. I think they're giving up :)

    There were 3255 failed login attempts since the last successful login.

    The best part, I still have root password ssh auth enabled :) Good luck guessing that mthfckrs!
  • 6
    Change the default port from 22. I often use 22022. It helps a lot.

    Doesn’t make it more secure, but you’ll receive A LOT less requests.

    You can also geo block Asia, then you will get even less attempts.
  • 3
    Or if you have a public ipv6, then just use that. That also helps
  • 3
    Just use ed25519 and when you can successfully authenticate with it on two users set permit password off in sshd config.
    Never bothered with fail 2 ban, I trust they can't brute force my keys
  • 3
    CSF to the rescue!
  • 2
    Took me solid 8.34 seconds to realise that this is terminal on mobile.
    For more than 4 seconds I was like, "Why the hell there are icons on terminal? which zsh theme is that O.o?!"
  • 2
    @devs security through obscurity much? :P
  • 3
    @JiggleTits wouldn’t call it security. Still need fail2ban and such, but the network uses a lot less bandwidth since fewer people are trying to poke through
  • 2
    @devs fair point
  • 4
    Disable root login (this is a must) and switch from using passwords to using the PKI. Disable password login and laugh at all the pointless login attempts.
  • 1
    @Aldar @hjk101 yeah, I'll probably switch to using generated keys whenever I'm not a lazy 🥔.
  • 1
    @devs I don't have a public IPv6 address so no can do but I will probably change the port number sooner or later.
  • 1
    @devs BTW it's "ChinaNet Jiangsu Province Network", whatever that is.
  • 0
    @BadFox even just changing the port makes a huge difference
  • 1
    @netikras I don't have a static IPv4 address. I use a dynamic DNS service to connect remotely so me sharing that address won't matter eventually. That traffic was in just a day, I checked earlier and it was much higher that that but then it reset so...

    My plan is to make it extremely expensive and leave them guessing. I'll just get a laugh out of it.
  • 0
    @linuxxx I use FirewallD for now but I'll probably switch to UFW for the simpler configuration.
  • 2
    @lazysnail hehehe, I'm sort of lazy so if I don't have to move I won't hence the phone JuiceSSH app.
  • 2
    @erandria well if you fail enough times, yes, it can... but you should be using keys instead of passwords anyway so that should not happen
  • 2
    @erandria It can accidentally ban yourself, but only for a limited amount of time.
  • 1
    @BadFox actually I use keys in ssh agent because I'm lazy. Even though I use a password manager authenticating is still bothersome.
    Don't use any software that needs to do something over ssh and doesn't support ssh-agent.
    It's brilliant shit just works (git, sftp client, IDE etc)
  • 0
    @hjk101 that's good, I'll probably do that once I have the time.
Add Comment