Answer by jen_h for Securing SSH server against bruteforcing
What has been effective for me: As others have said, no root login, PasswordAuthentication set to no (only login w/keys) in sshd_config Only one or two users allowed to log in via ssh and they've got...
View ArticleAnswer by Patrick Heckenlively for Securing SSH server against bruteforcing
There are a number of good suggestions offered here. I respectfully suggest that three things should make this relatively secure: Run the sshd on a random high port. The bots typically only go after...
View ArticleAnswer by topdog for Securing SSH server against bruteforcing
There is a better way to do this, using fail2ban means you have to add an application, and it operates at the application layer. If you use iptables it is more efficient as it operates at the network...
View ArticleAnswer by John Lowry for Securing SSH server against bruteforcing
DenyHosts, http://denyhosts.sourceforge.net/, is a good project I have had luck with. If you set denyhosts up to synchronize it will download new IPs to add to a ban list that have had to bruteforce...
View ArticleAnswer by vmfarms for Securing SSH server against bruteforcing
Something which isn't mentioned here and really should is limiting access via firewall. This doesn't suit every situation, but if you're connecting to the host from a consistent location with a static...
View ArticleAnswer by alex for Securing SSH server against bruteforcing
I have an SSH server connected to the internet on the default port and have never experienced issues.. tcp_wrappers (ie. hosts.allow hosts.deny) for SSH.. I dont think there is an SSH out there that...
View ArticleAnswer by Andreas Rehm for Securing SSH server against bruteforcing
I've stopped brute force attacks with: fail2ban sshd.config: PasswordAuthentication No PermitRootLogin No Limiting SSH Connect rates with iptables (http://www.debian-administration.org/articles/187)
View ArticleAnswer by pfyon for Securing SSH server against bruteforcing
An option (to be used in addition to other security measures) is have sshd listen on a port other than 22. I haven't tried it myself, but have heard it reduces the number of pure brute force attacks by...
View ArticleAnswer by TheCompWiz for Securing SSH server against bruteforcing
There is no substitute for secure passwords AND key-authentication. That being said, Fail2Ban is a great tool for banning IPs of users who attempt to authenticate too many times. It's also available as...
View ArticleAnswer by caleban for Securing SSH server against bruteforcing
You could also look into sshguard. I haven't used it but I've heard good things. Sources: http://isc.sans.edu/diary.html?storyid=9370 http://www.sshguard.net/ http://www.sshguard.net/docs/faqs/...
View ArticleAnswer by gWaldo for Securing SSH server against bruteforcing
Fail2ban and Port Knocking should address most of your needs. Changing your SSH port and only allowing Key-based authentication are also recommended. It can be argued that you may reach a point of...
View ArticleAnswer by Sweet for Securing SSH server against bruteforcing
I've always been a big fan of CSF/LFD which can block IP addresses of people trying to bruteforce, portscan, and some other options. It's basically a huge perl-wrapper for IP tables, but the...
View ArticleSecuring SSH server against bruteforcing
I have a little SVN server, old dell optiplex running debian. I don't have that high demands on my server, because its just a little SVN server... but do want it to be secure. I just renewed my server...
View Article