@U039b Hi! How is running SSH on port 22 «not caring about users»? I suppose you mean it's a security risk, but how is that a problem if root login is disabled and users can only SSH with a keypair? Isn't running SSH on a different port «security through obscurity»? In particular, how should the new port to use be chosen?
@U039b This doesn't appear to be a public post, at least I can't open it : /

@alice Ooops sorry.
Running SSH on a high random port reduces the number of automatic attacks. Changing the listen port alone is not security. Admins should run fail2ban too.

@U039b What about those automatic attacks? Do they have an impact in terms of performance? Is that why you linked it to «caring about users»? How about the «security through obscurity» part?

@alice Running SSH on port 22 is never a good sign because you expose your SSH to all the bots brute-forcing SSH. The security tip is: change the listen port and run fail2ban.
Per day, my fail2ban bans around 600 IP addresses and that represents around 120000 brute-force tests per day.

@U039b @alice ...and?

if they've managed to brute-force a 2048-bit RSA key they're fucking welcome to it far as I'm concerned
