On 17/01/2019 17.30, Per Jessen wrote:
Carlos E. R. wrote:
On 17/01/2019 14.49, Per Jessen wrote:
Peter Suetterlin wrote:
Patrick Shanahan wrote:
if you are not running a server, don't install fail2ban.
Any reasoning for this? I definitely disagree. Anything that has an open ssh port should run it IMHO. And that's more than just servers....
Alternatively - use keys for ssh, and that problem is gone. Or if that's too cumbersome, move ssh to a higher port. Works wonders.
I do both.
When you're using keys, there is no need to change the port. You gain nothing.
Less noise on the logs, banging the port 22 produces nothing. Actually, apparently my router has its own ssh service, and it can not be stopped. I had to firewall it instead, because IRC would not let me in: they actively probe ports on clients: [19:19] [Notice] -freenode-connect- Welcome to freenode. To protect the network all new connections will be scanned for vulnerabilities. This will not harm your computer, and vulnerable hosts will be notified.
Curious thing is, I have no idea if there are attempts at my router, it doesn't report anything.
With keys, there is nothing to report.
Yes, the attempts. There is noise. -- Cheers / Saludos, Carlos E. R. (from 15.0 x86_64 at Telcontar)