Secure SSH against brute force
I use certain measures to secure SSH against brute force attacks. I'm writing this post to reply to a question on the Shorewall mailing list, and I got the idea that it may be relevant to many others of us. I recommend doing the following, but please remember these are all relative measures; how far you take them depends on how you want to do it!

0) Disable root login and use "sudo" or "su".

1) Options like these help (in /etc/sshd_config):

   MaxAuthTries 4
   MaxStartups 1:3:6

2) Disable password authentication in ssh and enable certificate-based authentication.

3) BlockHosts

BlockHosts is a script written in Python that is easier to set up, maintain, and configure. The idea behind BlockHosts is to continuously scan a syslog file for SSHD failed login attempts, and add the IP addresses listed there (after a predetermined number of attempts have been exceeded) to the system's /etc/hosts.deny file -- a different approach from that of Daemon Shield, which us...
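The log-scanning idea described under item 3, as an added example (this is not BlockHosts' own code and not code from the original post). The log format, the threshold of 4, the allowlisted network, the IPv4-only handling and the names `failed_sources` and `deny_lines` are assumptions made for illustration.

```python
import ipaddress
import re
from collections import Counter

# The user name in the log line comes from the client, so it may itself contain
# " from <ip> port ...". Match greedily and anchor the source to the END of the line.
FAILED = re.compile(r"sshd\[\d+\]: Failed password for .* from (\S+) port \d+ ssh2$")

def failed_sources(log_text):
    """Count failed sshd password logins per source IPv4 address."""
    counts = Counter()
    for line in log_text.splitlines():
        m = FAILED.search(line.rstrip())
        if not m:
            continue
        try:
            counts[str(ipaddress.IPv4Address(m.group(1)))] += 1
        except ValueError:
            continue  # not a valid IPv4 address: ignore the line
    return counts

def deny_lines(counts, threshold=4, allow=()):
    """Return hosts.deny entries for sources that exceeded the threshold."""
    allowed = [ipaddress.ip_network(net) for net in allow]
    entries = []
    for ip, n in sorted(counts.items()):
        if n <= threshold:
            continue
        if any(ipaddress.ip_address(ip) in net for net in allowed):
            continue  # never lock out your own admin network
        entries.append(f"sshd: {ip}")
    return entries

def _line(user, ip):
    # Constructed sample line in OpenSSH's "Failed password" log format.
    return f"Mar  3 10:01:02 host sshd[1201]: Failed password for {user} from {ip} port 40122 ssh2"

# Constructed sample log (documentation address ranges), not real data.
SAMPLE_LOG = "\n".join(
    [_line("root", "203.0.113.7")] * 5
    + [_line("invalid user admin", "198.51.100.20")] * 2
    # A user name that embeds another address; only the real source may be counted.
    + [_line("invalid user x from 192.0.2.55 port 22 ssh2", "198.51.100.99")]
    + [_line("root", "192.0.2.10")] * 5
    + ["Mar  3 10:02:00 host sshd[1300]: Accepted publickey for alice from 192.0.2.10 port 50000 ssh2"]
)

if __name__ == "__main__":
    counts = failed_sources(SAMPLE_LOG)
    print("\n".join(deny_lines(counts, threshold=4, allow=["192.0.2.0/28"])))
```

The allowlist matters as much as the threshold: a tool that writes to /etc/hosts.deny from log contents can otherwise lock out the administrator's own address.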