On 17/01/2019 14.49, Per Jessen wrote:
Peter Suetterlin wrote:
Patrick Shanahan wrote:
if you are not running a server, don't install fail2ban.
Any reasoning for this? I definitely disagree. Anything that has an open ssh port should run it IMHO. And that's more than just servers....
Alternatively - use keys for ssh, and that problem is gone. Or if that's too cumbersome, move ssh to a higher port. Works wonders.
I do both. Curious thing is, I have no idea if there are attempts at my router, it doesn't report anything. What I know is only on the inside machine: Isengard sshd 6221 - - Accepted publickey for cer from 192.168.1.1 port ... ssh2: RSA SHA256:... and you see, it logs the internal IP of the router, not the external. -- Cheers / Saludos, Carlos E. R. (from 15.0 x86_64 at Telcontar)