this post was submitted on 12 Oct 2023
92 points (97.9% liked)

Linux

48145 readers
729 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

From The Hacker News

you are viewing a single comment's thread
view the rest of the comments
[–] maiskanzler@feddit.de 5 points 1 year ago (1 children)

Eh, those attempts are just noise anyway. Use proper pubkey auth instead of normal passwords and you'll be fine. Any key size is probably enough to prevent successful bruteforce attacks. Anything above 2048 and there's basically no chance for them to guess right within several years of constant trying. Most bots move along quickly as well, they try their predefined list of (common usernames) x (common passwords) and that's it.

Install endlessh, an ssh tar pit, if you want to make their lives a little more annoying. Use a non-standard port if your OCD can't stand the slowly filling auth attempt logs.

[–] Shdwdrgn@mander.xyz 1 points 1 year ago

Yeah they're not getting in with my current setup anyway, I just prefer to also boot the failed attempts so I'm not relying on a single layer of protection -- you never know what future security leak might rear its ugly head. I did get one issue with fail2ban fixed though so it is once again properly dropping what it can, but this bot seems to be really persistent and has quite a long list of available IPs to work from.