Comment on How to harden against SSH brute-forcing?

<- View Parent
sugar_in_your_tea@sh.itjust.works ⁨1⁩ ⁨day⁩ ago

I highly recommend using key-based SSH authentication exclusively for all users on your server, and disallow root login as well.

Geoblocking mostly cuts down on the spam, but also constrains where an actual attack can come from. If there’s some kind of zero-day attack on SSH, this will dramatically reduce the risk you’re hit.

source
Sort:hotnewtop