On 18.11.2014 18:40, Dan Thill wrote:
In my equally limited experience, my piddly middle relay went from about 100 SSH related fail2bans/day to zero when I changed the port. I fully recognize changing the port is mere obfuscation (I use public key anyways), but I just got tired of seeing the same list of abusers (China, Russia) in the logs every single day. _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
A good option to avoid bruteforces from these "special" countries is to combine sshd with geo-IP based blocking. I am using a python based script to block countrys based on their two-letter countrycode. Just block all the countries you don’t live/work/travel in combine it with fail2ban, disable root login and you are probably as safe as with key based logins.
BR Felix