[tor-relays] List of Relays' Available SSH Auth Methods
Kevin de Bie
kevindebie at gmail.com
Tue Nov 18 17:38:37 UTC 2014
Fail2Ban works really well. Shifting to a non standard port only stops the
scriptkids from having too much automated options and does not do anything
for actual security. For this reason I personally never bothered with that.
Non standard username and password auth with fail2ban makes brute forcing
practically impossible, this is usually how I have things configured.
Op 17:46 di 18 nov. 2014 schreef Zack Weinberg <zackw at cmu.edu>:
> On Tue, Nov 18, 2014 at 11:15 AM, Toralf Förster <toralf.foerster at gmx.de>
> wrote:
> > On 11/18/2014 04:28 PM, Jeroen Massar wrote:
> >> People should realize though that it is not 'safer' in any way running
> >> SSH on another port.
> >
> > But it is (slightly) more expensive - which counts, or ?
>
> In my limited experience, moving SSH to another port made no apparent
> difference to the number of random attempts to break in. I'd
> recommend fail2ban or equivalent instead.
>
> zw
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20141118/e7700c35/attachment-0001.html>
More information about the tor-relays
mailing list