Ask Your Question
0

An IP trying to login to my FS 29, How to secure my Server?

asked 2019-01-01 11:19:35 -0500

Tarik gravatar image

updated 2019-01-01 11:42:35 -0500

Hi all,

I found in my log file this info:

image description

18:08 error: maximum authentication attempts exceeded for root from 122.194.229.49 port 24467 ssh2 [preauth]

I did the following to secure my Server:

1- I disabled the root SSH login : [root@root ~]# vi /etc/ssh/sshd_config ----> PermitRootLogin yes ------> PermitRootLogin no

2- I removed the SSH port from my server's Firewall.

I did right steps? Can I do something more to secure my server?

Best Regards

edit retag flag offensive close merge delete

2 Answers

Sort by ยป oldest newest most voted
2

answered 2019-01-01 11:28:20 -0500

jalal gravatar image
  • You can change the default port from 22 to any other number,
  • You can prevent access to ssh with password, only by key, that's a good idea,
edit flag offensive delete link more

Comments

Thank you very much, I will keep SSH disabled better.

Tarik gravatar imageTarik ( 2019-01-03 02:04:21 -0500 )edit
1

answered 2019-01-02 06:17:19 -0500

fcomida gravatar image

You could install and configure denyhosts. It will analyze sshd logs and add the ip of potential intruders to /etc/hosts.deny file.

edit flag offensive delete link more

Comments

Thank you very much, I will keep SSH disabled better.

Tarik gravatar imageTarik ( 2019-01-03 02:05:12 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2019-01-01 11:19:35 -0500

Seen: 80 times

Last updated: Jan 02