thiccdiccnicc@sh.itjust.works to Selfhosted@lemmy.worldEnglish · 2 years agoHave I been pwned?sh.itjust.worksexternal-linkmessage-square19fedilinkarrow-up114arrow-down13file-text
arrow-up111arrow-down1external-linkHave I been pwned?sh.itjust.worksthiccdiccnicc@sh.itjust.works to Selfhosted@lemmy.worldEnglish · 2 years agomessage-square19fedilinkfile-text
minus-squareZetaphor@zemmy.cclinkfedilinkEnglisharrow-up4·2 years agoHow many of you actually disable root and password based login, change the default SSH port, and setup fail2ban?
minus-squareSheeEttin@lemmy.worldlinkfedilinkEnglisharrow-up6·2 years agoI just don’t put SSH on the internet at all.
minus-squareZetaphor@zemmy.cclinkfedilinkEnglisharrow-up1·2 years agoThere’s no reason to allow root login, it’s asking for trouble. Password based login is even worse. Changing the SSH port just makes it harder for the drive-by bots trying the whole IPv4 range
How many of you actually disable root and password based login, change the default SSH port, and setup fail2ban?
I just don’t put SSH on the internet at all.
Is fail2ban not enough?
There’s no reason to allow root login, it’s asking for trouble. Password based login is even worse. Changing the SSH port just makes it harder for the drive-by bots trying the whole IPv4 range