Answer the question
In order to leave comments, you need to log in
7 answer(s)
@15432
@CityCat4
_
@phoenixbk
@cyber punk
@Antuan1979
1
15432, 2020-07-13 @15432
If password authentication is enabled on SSH with a weak or missing password, or SSH itself is an old vulnerable version - only then will there be a danger to the server
C
CityCat4, 2020-07-14 @CityCat4
They will break :) Select passwords, take up resources. Deny root login, access only by key, limit IP range. You can also change the port, but this is caught quickly, although it helps in the complex.
C
chief, 2020-07-14 _
Open ports to the outside are always dangerous. But if you protect well, then you can do without VPN.
Look for fail2ban - it will help from brute force bots.
Well, or authorization only by ssh-key. Then the port will be broken, but never broken :)
Well, or else you can do port knocking.
E
Eugene, 2020-07-14 @phoenixbk
I've had a VPS for over a year. They broke on the SSH port, but not very often, judging by the logs. In any case, I did not notice any significant loads. Well, as far as I understand, Ubuntu Server has an automatic blocking of new login attempts with a certain number of incorrect logins / passwords. Didn't fix it, left it as is.
But just in case, I added 2FA to SSH.
https://www.linuxbabe.com/ubuntu/two-factor-authen...
Let them at least break now :)
PS Number of login attempts per day:
5099 Jul 6
5496 Jul 7
4094 Jul 8
5867 Jul 9
4378 Jul 10
6326 Jul 11
6585 Jul 12
7481 Jul 13
4505 Jul 14
C
cyber punk, 2020-07-14 @cyber punk
Fail2ban and authorization by key. Well, not a necromantic version of the server, of course.
Eugene , by the way, also speaks wisely
A
Antuan1979, 2020-07-17 @Antuan1979
1. Change ssh port from 22 to say 2525
2. Set key login and disable password login
Similar questions
Y
F
K
B
M
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question