On Wed, 2010-03-17 at 22:55 +0100, Michał Piotrowski wrote:
I recetly had 30 hours of ssh brute force attack on my system.
using strong passwords, but still can be geneated from /dev/random, so
I switched to rsa authentication. What's your favourite way to deal
with such attacks? Please describe pros and cons.
off-topic, but here's a few: run ssh on a high, non-standard port,
implement a portknocker, only work with certificates (not passwords),
set PermitRootLogin to no in your sshd config, obfuscate your