On Wed, Jul 08, 2015 at 03:45:01PM -0300, Mauro Souza wrote: > I have a VPS that got a continuous stream of ssh login attempts, so I set > up fail2ban on it. After that, I changed SSH port from 22 to a random one. > And installed portsentry. And configured PAM to use Google Authentication > for SSH. > > Doing this, the failed logins went to zero. No more bots crawling around > and bruteforcing my VPS.
It should be enough to turn off PasswordAuthentication and ChallengeResponseAuthentication to no in sshd_config and simply use public key cryptography to login. Kind regards Philipp Kern ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/
