The problem: SSH can be brute-forced I usually leave an SSH server on a dedicated port on every server I administer and, as you may recall, I even linked two well-written guides to properly configure and harden SSH services. Now, Internet is a notoriously bad place: scanners and exploiters have always been there, but brute-forcers … Continue reading Secure your SSH server against brute-force attacks with Fail2ban
Tag: hardening
Hardening services: let’s review our config files
It’s hardening Sunday here: I reviewed the config files of my main daemons (nginx, openvpn, tinc, sshd) with the help of two resources that I want to share with you, fellow readers. First of all, a guide dedicated exclusively to hardening ssh: from using public key authentication only (I strictly encourage it!) to the selection … Continue reading Hardening services: let’s review our config files