Saphirus Sage wrote:
I'd just as soon leave the root account able to be logged in over SSH and remove password authentication in preference of a 2048-bit RSA key. Just use a script to add failed logins to a deny list.
I tend to forget that this isn't Debian, so yeah, that'll work ;D
