I've just checked my server's auth logs and my god that's a lot of failed ssh login attempts.

I think I'll install an ssh honeypot to waste these peoples time...

Make sure you don't fail2ban them!

@RememberMe I'm gonna look into fail2ban as well, though I imagine I would point that to my actual ssh daemon, which will run on some other port

@theKarlisK oh lol I mean to use it as a pun
fail2ban is awesome

@theKarlisK that's exactly what I was gonna go for

update

endlessh didn't work, there wasn't any log to read and I can't be asked to set it up

port 22 will remain open with no service behind it, ssh is one some other random port

I could try combining fail2ban and endlessh but that's just too much effort

https://github.com/itskenny0/...

Ye, had the same issue.
-I also moved to a different port,
-Fail2ban is installed
-Also setup Firewall with a whitelist (using ufw)
-Disabled root login for ssh
-And disabled login using password for ssh (keys only)

No more failed login attempts. I hope I didn't forget anything

You could disable unwanted protocols.

Eg. only allowing ed25519 keys, disabling host keys for anything else.

Pooooof all die in preinit.

@theKarlisK yeah I definitely wanna look into limiting what encryption can be used
Gotta want that sweet elliptic curve