On 27/10/2020 16:35, Scott Alfter wrote:
> In article ,
> The Natural Philosopher   wrote:
>> I have sshd running wide open on two public servers. Although they are
>> attacked constantly - several per second attempts - no one has ever
>> guessed my username and password, which is the only one that allows a
>> login...
>
> If you're logging into a public-facing server with your password, you're
> doing it wrong.  Read up on SSH public-key authentication, and set it up.
> It's easy, and it's more secure than passwords.

I use that mostly, yes. But I leave the odd backdoor open for when I am
away from all devices that I own...

>
> Also, if you don't already have it, set up fail2ban.  It'll ban IPs that
> hammer your SSH server.

To be honest, I am not sure that the fail2ban uses any less cycles than
sshd when rejecting rubbish


Let's put it this way. The amount of CPU and RAM used in rejecting
ratware is less than is used in rejecting attempts to sntp relay and so on.

I make a point of not fixing problems I don't have.


>
>    _/_
>   / v \ Scott Alfter (remove the obvious to send mail)
> (IIGS( https://alfter.us/           Top-posting!
>   \_^_/                              >What's the most annoying thing on
Usenet?
>


--
Labour - a bunch of rich people convincing poor people to vote for rich
people by telling poor people that "other" rich people are the reason
they are poor.

Peter Thompson

--- SoupGate-Win32 v1.05