<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p>I have the same experience - I'm using freedombox as (internet
exposed) router, and I get several root login ssh attempts from
various ip addresses every few seconds.</p>
<p>I've installed fail2ban, but as pam-abl is present, that was
probably an overkill.</p>
<p>D.<br>
</p>
<br>
<div class="moz-cite-prefix">On 15.03.2017 18:11, Jonas Smedegaard
wrote:<br>
</div>
<blockquote
cite="mid:148959788115.20997.5762421952112875607@auryn.jones.dk"
type="cite">
<pre wrap="">Quoting Aaron Ferrucci (2017-03-15 17:30:00)
</pre>
<blockquote type="cite">
<pre wrap="">Hi all,
I see thousands of ssh login attempts on my freedombox. I've disabled
password login, so I think I'm pretty secure, but the attacks are
wasting cycles and filling my log files.
I've configured sshd to use a non-standard port (security by
obscurity) - I think that would reduce or eliminate the attacks - but
I believe the firewall is now getting in the way. So my question: how
can I open up the firewall for tcp on my non-standard port number? Is
that via the plinth interface, or is it a command-line thing (either
is fine).
If someone can point me in the right direction, I'll add a paragraph
on this to the manual.
</pre>
</blockquote>
<pre wrap="">
For new Debian installations - which includes Freedombox - ssh ignore
password-based access to root.
Also freedombox uses pam-abl which blocks the vast majority of those
"thousands" of login attemts for random non-root accounts.
So perhaps you are vasting your time complicating matters.
- Jonas
</pre>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Freedombox-discuss mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Freedombox-discuss@lists.alioth.debian.org">Freedombox-discuss@lists.alioth.debian.org</a>
<a class="moz-txt-link-freetext" href="http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss">http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss</a></pre>
</blockquote>
<br>
</body>
</html>