[Freedombox-discuss] sshd on non-standard port?

Jonas Smedegaard jonas at jones.dk
Wed Mar 15 17:11:21 UTC 2017

Quoting Aaron Ferrucci (2017-03-15 17:30:00)
> Hi all,
> I see thousands of ssh login attempts on my freedombox. I've disabled
> password login, so I think I'm pretty secure, but the attacks are
> wasting cycles and filling my log files.
> I've configured sshd to use a non-standard port (security by
> obscurity) - I think that would reduce or eliminate the attacks - but
> I believe the firewall is now getting in the way. So my question: how
> can I open up the firewall for tcp on my non-standard port number? Is
> that via the plinth interface, or is it a command-line thing (either
> is fine).
> If someone can point me in the right direction, I'll add a paragraph
> on this to the manual.

For new Debian installations - which includes Freedombox - ssh ignore
password-based access to root.

Also freedombox uses pam-abl which blocks the vast majority of those 
"thousands" of login attemts for random non-root accounts.

So perhaps you are vasting your time complicating matters.

 - Jonas

 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/

 [x] quote me freely  [ ] ask before reusing  [ ] keep private
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: signature
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20170315/d051a217/attachment.sig>

More information about the Freedombox-discuss mailing list