[Freedombox-discuss] sshd on non-standard port?

Sunil Mohan Adapa sunil at medhas.org
Thu Mar 16 05:05:25 UTC 2017

On Thursday 16 March 2017 01:46 AM, Daddy wrote:
> I have the same experience - I'm using freedombox as (internet exposed)
> router, and I get several root login ssh attempts from various ip
> addresses every few seconds.
> I've installed fail2ban, but as pam-abl is present, that was probably an
> overkill.

Fail2ban is good choice in this case because we wish to stop attempts
from happening (and logs from filling up).  Fail2ban actively
discourages an adversary by blocking their packet traffic which
libpam-abl does not.  Fail2ban also has the infrastructure for making
web based login attempts harder.

There have been previous discussions about adding fail2ban to FreedomBox
by default.  I opened a new issues to implement this fail2ban for SSH[1]
and Plinth[2].  If someone is interested they can pick it up (slightly
more than 'beginner' level difficulty).


1) https://github.com/freedombox/Plinth/issues/759
2) https://github.com/freedombox/Plinth/issues/760


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 858 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20170316/14e09931/attachment-0001.sig>

More information about the Freedombox-discuss mailing list