On 2022-12-11 13:50, Robert Heller wrote:
> At Sun, 11 Dec 2022 10:37:26 +0100 "Carlos E.R." <robin_...@es.invalid> wrote:
>
>>
>> On 2022-12-11 01:53, Robert Heller wrote:
>>> At Sat, 10 Dec 2022 19:25:09 -0500 Andreas Kohlbach <a...@spamfence.net> wrote:
>>>> On Sat, 10 Dec 2022 09:53:29 +0000, The Natural Philosopher wrote:
>>>>>
>>>>> On 09/12/2022 19:35, Robert Heller wrote:
>>>>>> At Fri, 9 Dec 2022 17:36:33 +0000 The Natural Philosopher <t...@invalid.invalid> wrote:
>>>>>
>>>>>>> This is the best way except it does allow for a lot of random traffic
>>>>>>> hitting port 22 and trying to find a way in.
>>>>>>> Using obscure ports helps with this
>>>>>> Not really, but disabling password login greatly cuts down the
>>>>>> brute force attempts.
>>>>>>
>>>>> Does it? Can't say I noticed.
>>>>
>>>> Not here. Scammers don't know that password login was disabled and
>>>> go on trying.
>>>
>>> But instead of sshd "wasting time" hashing passwords, it just rejects the
>>> attempt early on. (A fail2ban rule could be used to firewall repeated failed
>>> attempts.)
>>
>> Firewall (iptables?) can do that directly, no need to involve a script.
>
> fail2ban programmably matches the logs to generate firewall rules (e.g. iptables,
> or whatever) for offending IP addresses.
Yes, I know. But there are iptables rules that can do something similar.
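
The log-matching approach discussed in this thread, as an added example that is not part of any poster's message and is not fail2ban's own code: it matches sshd failure lines, counts them per source address in a sliding window, and produces an iptables rule for each offender. The regex, the thresholds, the assumed year and the sample log lines are all constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in OpenSSH's syslog style (documentation-range IPs).
SAMPLE_LOG = """\
Dec 11 13:50:01 host sshd[811]: Invalid user admin from 203.0.113.7 port 40112
Dec 11 13:50:03 host sshd[812]: Connection closed by authenticating user root 203.0.113.7 port 40120 [preauth]
Dec 11 13:50:04 host sshd[813]: Accepted publickey for alice from 198.51.100.4 port 50022 ssh2: ED25519 SHA256:constructed
Dec 11 13:50:09 host sshd[814]: Failed password for root from 203.0.113.7 port 40131 ssh2
Dec 11 13:58:30 host sshd[815]: Invalid user test from 192.0.2.55 port 33010
Dec 11 14:20:00 host sshd[816]: Invalid user test from 192.0.2.55 port 33011
"""

# Failure messages sshd logs before authentication succeeds (IPv4 only here).
FAILURE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) \S+ sshd\[\d+\]: "
    r"(?:Invalid user \S* from |Failed \S+ for (?:invalid user )?\S+ from |"
    r"Connection closed by authenticating user \S+ )"
    r"(?P<ip>\d{1,3}(?:\.\d{1,3}){3}) port \d+"
)

def offenders(log_text, max_retry=3, find_time=timedelta(minutes=10), year=2022):
    """Return {ip: time of the failure that reached max_retry within find_time}."""
    recent = defaultdict(deque)   # per-IP timestamps still inside the window
    banned = {}
    for line in log_text.splitlines():
        m = FAILURE.match(line)
        if not m or m["ip"] in banned:
            continue
        # Syslog timestamps carry no year, so one is assumed.
        when = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        window = recent[m["ip"]]
        window.append(when)
        while when - window[0] > find_time:   # expire failures older than the window
            window.popleft()
        if len(window) >= max_retry:
            banned[m["ip"]] = when
    return banned

def iptables_rules(banned):
    """One DROP rule per offending address, limited to the SSH port."""
    return [f"iptables -I INPUT -s {ip} -p tcp --dport 22 -j DROP" for ip in sorted(banned)]

if __name__ == "__main__":
    print("\n".join(iptables_rules(offenders(SAMPLE_LOG))))
```

The successful public-key login and the address whose two failures are more than ten minutes apart produce no rule.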