I have the same experience - I'm using freedombox as (internet exposed) router, and I get several root login ssh attempts from various ip addresses every few seconds.
I've installed fail2ban, but as pam-abl is present, that was probably an overkill. D. On 15.03.2017 18:11, Jonas Smedegaard wrote: > Quoting Aaron Ferrucci (2017-03-15 17:30:00) >> Hi all, >> I see thousands of ssh login attempts on my freedombox. I've disabled >> password login, so I think I'm pretty secure, but the attacks are >> wasting cycles and filling my log files. >> >> I've configured sshd to use a non-standard port (security by >> obscurity) - I think that would reduce or eliminate the attacks - but >> I believe the firewall is now getting in the way. So my question: how >> can I open up the firewall for tcp on my non-standard port number? Is >> that via the plinth interface, or is it a command-line thing (either >> is fine). >> >> If someone can point me in the right direction, I'll add a paragraph >> on this to the manual. > For new Debian installations - which includes Freedombox - ssh ignore > password-based access to root. > > Also freedombox uses pam-abl which blocks the vast majority of those > "thousands" of login attemts for random non-root accounts. > > So perhaps you are vasting your time complicating matters. > > - Jonas > > > > _______________________________________________ > Freedombox-discuss mailing list > [email protected] > http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
_______________________________________________ Freedombox-discuss mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
