[Freedombox-discuss] sshd on non-standard port?
Jonas Smedegaard
jonas at jones.dk
Wed Mar 15 17:11:21 UTC 2017
Quoting Aaron Ferrucci (2017-03-15 17:30:00)
> Hi all,
> I see thousands of ssh login attempts on my freedombox. I've disabled
> password login, so I think I'm pretty secure, but the attacks are
> wasting cycles and filling my log files.
>
> I've configured sshd to use a non-standard port (security by
> obscurity) - I think that would reduce or eliminate the attacks - but
> I believe the firewall is now getting in the way. So my question: how
> can I open up the firewall for tcp on my non-standard port number? Is
> that via the plinth interface, or is it a command-line thing (either
> is fine).
>
> If someone can point me in the right direction, I'll add a paragraph
> on this to the manual.
For new Debian installations - which includes Freedombox - ssh ignore
password-based access to root.
Also freedombox uses pam-abl which blocks the vast majority of those
"thousands" of login attemts for random non-root accounts.
So perhaps you are vasting your time complicating matters.
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: signature
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20170315/d051a217/attachment.sig>
More information about the Freedombox-discuss
mailing list