[tor-relays] List of Relays' Available SSH Auth Methods

Felix Buedenhoelzer tor at cyb3rwr3ck.net
Tue Nov 18 20:04:30 UTC 2014


On 18.11.2014 18:40, Dan Thill wrote:
> In my equally limited experience, my piddly middle relay went from about
> 100 SSH related fail2bans/day to zero when I changed the port.  I fully
> recognize changing the port is mere obfuscation (I use public key
> anyways), but I just got tired of seeing the same list of abusers
> (China, Russia) in the logs every single day.
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

A good option to avoid bruteforces from these "special" countries is to
combine sshd with geo-IP based blocking. I am using a python based
script to block countrys based on their two-letter countrycode. Just
block all the countries you don’t live/work/travel in combine it with
fail2ban, disable root login and you are probably as safe as with key
based logins.

BR
Felix


More information about the tor-relays mailing list