[CentOS] Iptables questions

Wed Aug 11 09:47:59 UTC 2010
Timo Schoeler <timo.schoeler at riscworks.net>

thus Eero Volotinen spake:
>>>> I have a server sitting right on the net and the constant barrage of 100s
>>>> of IPs trying thousands of times at port 22 is insane.
>>> You're quite sane.  Anyone likely to hit your ssh at its new port is likely
>>> to try port 22 first.  So if they show up there first, blocking them is good
>>> - unless you have legitimate users who may forget to go to your special port
>>> and so get locked out after trying the default port first.
>> There's also port knocking...
> 
> how about enabling ssh login only with public keys ?

What about using a different port, if narrowing down the networks/hosts
*allowed* to connect to the machine is not an option, as it seems?

Timo

> --
> Eero,
> RHCE