Comment on How to harden against SSH brute-forcing?
someacnt@sh.itjust.works 1 week agoThanks a lot! Geoblocking makes a lot of sense, will try!
Comment on How to harden against SSH brute-forcing?
someacnt@sh.itjust.works 1 week agoThanks a lot! Geoblocking makes a lot of sense, will try!
sugar_in_your_tea@sh.itjust.works 1 week ago
I highly recommend using key-based SSH authentication exclusively for all users on your server, and disallow root login as well.
Geoblocking mostly cuts down on the spam, but also constrains where an actual attack can come from. If there’s some kind of zero-day attack on SSH, this will dramatically reduce the risk you’re hit.
someacnt@sh.itjust.works 1 week ago
Fortunately my VPS (oracle) has set SSH authentication to be default. Disallowing root login sounds good, gotta try that as well.