thiccdiccnicc@sh.itjust.works to Selfhosted@lemmy.worldEnglish · 1 year agoHave I been pwned?sh.itjust.worksimagemessage-square15fedilinkarrow-up110arrow-down10file-text
arrow-up110arrow-down1imageHave I been pwned?sh.itjust.worksthiccdiccnicc@sh.itjust.works to Selfhosted@lemmy.worldEnglish · 1 year agomessage-square15fedilinkfile-text
minus-squareZetaphor@zemmy.cclinkfedilinkEnglisharrow-up2·1 year agoHow many of you actually disable root and password based login, change the default SSH port, and setup fail2ban?
minus-squareSheeEttin@lemmy.worldlinkfedilinkEnglisharrow-up2·1 year agoI just don’t put SSH on the internet at all.
minus-squareZetaphor@zemmy.cclinkfedilinkEnglisharrow-up1·1 year agoThere’s no reason to allow root login, it’s asking for trouble. Password based login is even worse. Changing the SSH port just makes it harder for the drive-by bots trying the whole IPv4 range
How many of you actually disable root and password based login, change the default SSH port, and setup fail2ban?
I just don’t put SSH on the internet at all.
Is fail2ban not enough?
There’s no reason to allow root login, it’s asking for trouble. Password based login is even worse. Changing the SSH port just makes it harder for the drive-by bots trying the whole IPv4 range