[Freedombox-discuss] sshd on non-standard port?

Jonas Smedegaard jonas at jones.dk
Thu Mar 16 08:34:04 UTC 2017

Quoting Sunil Mohan Adapa (2017-03-16 06:05:25)
> On Thursday 16 March 2017 01:46 AM, Daddy wrote:
>> I have the same experience - I'm using freedombox as (internet exposed)
>> router, and I get several root login ssh attempts from various ip
>> addresses every few seconds.
>> I've installed fail2ban, but as pam-abl is present, that was probably an
>> overkill.
> Fail2ban is good choice in this case because we wish to stop attempts 
> from happening (and logs from filling up).  Fail2ban actively 
> discourages an adversary by blocking their packet traffic which 
> libpam-abl does not.  Fail2ban also has the infrastructure for making 
> web based login attempts harder.
> There have been previous discussions about adding fail2ban to 
> FreedomBox by default.  I opened a new issues to implement this 
> fail2ban for SSH[1] and Plinth[2].  If someone is interested they can 
> pick it up (slightly more than 'beginner' level difficulty).

pam-abl is more resource-efficient and arguably less brittle than 
fail2ban, as it hooks into the login process itself whereas fail2ban 
rely on parsing logfiles (which especially under attack can grow large).

pam-abl can be configured to block network traffic altogether - from a 
quick search for "pam-abl iptables":


> Links:
> 1) https://github.com/freedombox/Plinth/issues/759
> 2) https://github.com/freedombox/Plinth/issues/760

Can we please track Freedombox issues at our Debian bugtracker?

 - Jonas

 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/

 [x] quote me freely  [ ] ask before reusing  [ ] keep private
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: signature
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20170316/bef80c6a/attachment.sig>

More information about the Freedombox-discuss mailing list