[tor-relays] List of Relays' Available SSH Auth Methods
Dan Thill
dgt at acm.org
Tue Nov 18 17:40:31 UTC 2014
On Tue, Nov 18, 2014, at 10:45 AM, Zack Weinberg wrote:
> On Tue, Nov 18, 2014 at 11:15 AM, Toralf Förster <toralf.foerster at gmx.de>
> wrote:
> > On 11/18/2014 04:28 PM, Jeroen Massar wrote:
> >> People should realize though that it is not 'safer' in any way running
> >> SSH on another port.
> >
> > But it is (slightly) more expensive - which counts, or ?
>
> In my limited experience, moving SSH to another port made no apparent
> difference to the number of random attempts to break in. I'd
> recommend fail2ban or equivalent instead.
In my equally limited experience, my piddly middle relay went from about
100 SSH related fail2bans/day to zero when I changed the port. I fully
recognize changing the port is mere obfuscation (I use public key
anyways), but I just got tired of seeing the same list of abusers
(China, Russia) in the logs every single day.
Now if only those open proxy scanners would stop hitting port 80 on my
tor-project mirror--24hr bans don't seem to have any impact.
More information about the tor-relays
mailing list