[tor-relays] Many SSH requests
The Doctor [412/724/301/703/415/510]
drwho at virtadpt.net
Thu Apr 1 18:46:18 UTC 2021
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Wednesday, March 31, 2021 9:35 AM, Cristiano Kubiaki Gomes <cristianockg at gmail.com> wrote:
> O noticed many ssh requests to my Debian VM running a Relay and I am wondering if this is normal or if this is happening only with me.
> Anyone else see this ssh attemptives? Is it normal?
Yup, it's background radiation on the Internet. We all get them.
If SSH key authentication only isn't enabled, turn it on. Change the port sshd is listening on.
Set up fail2ban to further protect the new port (I get a lot of portscans hammering my nodes
looking for the new sshd port followed by brute force attempts, so may as well cut 'em off
at the knees).
Or set up a hidden service for sshd on the box and reconfigure it to listen on the loopback only.
You'll only be able to SSH in over the Tor network after that, but it'll cut the login attempts way
down.
The Doctor [412/724/301/703/415/510]
WWW: https://drwho.virtadpt.net/
The old world is dying, and the new world struggles to be born. Now is the time of monsters.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20210401/326583cf/attachment-0001.htm>
More information about the tor-relays
mailing list