How to cut down on ssh attacks
Robert Moskowitz
rgm at htt-consult.com
Mon Jun 16 13:55:20 UTC 2025
I just installed logwatch on my mailserver.
the server has been running for a couple weeks, so it is 'known'. Ran a
test of logwatch daily and the sshd authentication failures lists
575 lines, each with multiple attempts!
In one day!
ufw does specify 'limit' port 22:
22/tcp LIMIT Anywhere
22/tcp (v6) LIMIT Anywhere (v6)
anything else I can do to slow this nonsense down?
I tried my regular of moving sshd to another port, but MiaB has ssh so
embedded in its functionality that I gave up running through all the
changes in it I need on moving sshd. Don't ask my opinion on this
dependency, but MiaB is otherwise worth the pain....
More information about the ubuntu-users
mailing list