John Hinton wrote:
sophana wrote:
Using denyhosts is sufficient for me. After several password attempts, it simply disables the IP address. I now have 133 denied IPs in /etc/hosts.deny. Of course, you have to make sure that you don't use simple passwords.
I find it easier to deny all and then allow the very few who actually use ssh. But, this can get you into trouble if you suddenly find you need to shell in when out of town. A backdoor somewhere is a good idea!
Just be careful. I was in China last month and had a server in NYC that needed some minor surgery. I ssh'ed in and spent about 10 minutes fixing things. Even though this machine is running ssh on a non-standard port, within MINUTES that port (and only that port) was being probed from inside China. And I was connecting from a 5 star hotel in Beijing (not some Internet cafe). The world is truly becoming a dangerous place in terms of computer security.
Cheers,