I also found failed2ban had much less work to do, banning handful a day, not a thousand, by stopping ssh password authentication and using private key authentication. Something I should have done from the start anyway. It seems when if a server sends public key on attempted login and refuses password it stops the kiddies/robots from trying anymore.
Gerry -----Original Message----- From: tor-relays <tor-relays-boun...@lists.torproject.org> On Behalf Of Toralf Förster Sent: 21 September 2020 14:53 To: tor-relays@lists.torproject.org Subject: Re: [tor-relays] SSH On 9/21/20 1:52 PM, Logforme wrote: > Change the SSH default port. AFAICT that helped but only fore a while. After few weeks/months the non-default port is discovered by (a probably more extensible port scan) and the failed login attempts continued. -- Toralf _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
