Menu
▾
▴
Re: [Sshguard-users] protecting a server with password authentication disabled
|
From: <li...@la...> - 2016-04-17 23:00:49
|
I was thinking once only ssh accepted keys, then ssh guard would have nothing to "see". If sshguard in going to block ssh password attempts even if you set up your system to only accept keys, then the end result is the same. Come to think of it, my VPS only allows keys for ssh, so I've been running with passwords blocked all along. Regarding the other services, my though was any IP that was hacking ssh is likely to hack say Dovecot, so might as well block the ssh attempt even if the system doesn't accept passwords. Which brings me to the question, how do I verify Dovecot failures have been blocked? And if the answer is to attempt some incorrect login to Dovecot, hopefully my IP won't be blocked forever, which I believe is the current state of sshguard. Original Message From: Kevin Zheng Sent: Sunday, April 17, 2016 3:33 PM To: ssh...@li... Reply To: ssh...@li... Subject: Re: [Sshguard-users] protecting a server with password authentication disabled On 04/17/2016 14:18, li...@la... wrote: > If you use a key, is there any advantage to blocking the port 22 > password guessers? That is, sshguard does protect other services. I'm > thinking an IP that attacks ssh is likely to attack other services. > The hacker/bot doesn't know passwords are not used for ssh. If your sshd is configured to allow only key logins, password guessing attempts will show up as "preauth" disconnects. SSHGuard treats these messages like any other attack and blocks accordingly. Whether other services are protected or not depends on how your firewall rules are set up. > Then if the answer is no, once password logins are not allowed on > ssh, should the blocking list be wiped? Not sure what this question is asking. Best, Kevin -- Kevin Zheng kev...@gm... | ke...@be... | PGP: 0xC22E1090 ------------------------------------------------------------------------------ Find and fix application performance issues faster with Applications Manager Applications Manager provides deep performance insights into multiple tiers of your business applications. It resolves application problems quickly and reduces your MTTR. Get your free trial! https://ad.doubleclick.net/ddm/clk/302982198;130105516;z _______________________________________________ Sshguard-users mailing list Ssh...@li... https://lists.sourceforge.net/lists/listinfo/sshguard-users |
