Menu
▾
▴
[SSHGuard-users] sshd and connections resulting in "kex_exchange_identification" errors
|
From: Greg B. <gbe...@ya...> - 2021-11-19 20:13:38
|
Hi, My sshd server sits on port 443 so I can get to it from behind corp firewalls. So it gets a lot of http requests, which result in things like: Nov 20 02:12:12 server sshd[1170601]: error: kex_exchange_identification: banner line contains invalid characters No IP is reported, so sshguard can't do anything about these. I'd like to block them - seems reasonable that a hack, or at least a DOS, could happen at that early point in sshd's protocol. Does anybody have experience blocking based on these connection attempts? Best regards, ~gb |
