Running ssh on unreserved ports
Patrick Kobly
patrick at kobly.com
Sun Feb 20 22:13:16 UTC 2011
On 2011-02-20, at 9:05 AM, "Alex" <mysqlstudent at gmail.com> wrote:
> Hi,
>
>>> Fail2ban is easy to set up, and I've seen it stop attempts here.
>
> Everything helps, but this is one that I wouldn't really rely on, in
> case the log file format for ssh changed in some way, or the script
> died and it wasn't noticed.
FWIW, I would most assuredly notice fail2ban stopping in an extremely short period of time due to the notification emails of newly jailed ips stopping.
>
>> I am paranoid about ssh and welcome suggestions that increase my ssh
>> security configuration, in particular, and overall security, in general.
>
> All great ideas. You haven't mentioned hosts.allow/deny. Perhaps you
> referencing that in your comment about googleing for China IP
> addresses?
>
> I also recently found this:
>
> # Google Authenticator
> http://www.google.com/support/accounts/bin/answer.py?hl=en&answer=1066447
>
> This is apparently some application that somehow integrates with your
> phone to authenticate you with ssh? Anyone have any success with this?
>
> Thanks,
> Alex
> --
> users mailing list
> users at lists.fedoraproject.org
> To unsubscribe or change subscription options:
> https://admin.fedoraproject.org/mailman/listinfo/users
> Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
More information about the users
mailing list