[Discuss] PSA: no root login for SSH

Matthew Gillen me at mattgillen.net
Tue Dec 22 09:40:31 EST 2020


Since we were talking about services globally accessible recently, just
wanted to share a public service announcement.  Below is a pretty
typical /daily/ count of failed logins on a publicly accessible ssh
server under my purview.  Seeing as how root has 10 times the hits of
the next biggest target, if you're not set up with some sort of MFA this
is why it can be a good idea to set the "PermitRootLogin no" option in
your sshd config.

Also useful to not allow login for system accounts, although this is
managed by PAM on my Fedora machine (no uid < 1000; be wary if manually
creating system accounts, usually packages following your distro's
packaging guidelines will have system-accounts created properly).

"username" "number of failed logins"
root  4328
admin 444
MikroTik 320
profile1 320
user1 316
admin1 314
default 314
administrator 252
ubnt 250
user 248
support 244
web 238
tech 200
demo 174
telecomadmin 160
debian 18
test 18
Administrator 12
oracle 12
ubuntu 12
pi 10
NetLinx 6
apache 6
backup 6
centos 6
cirros 6
cisco 6
cloudera 6
device 6
ethos 6
git 6
guest 6
hacker 6
hunter 6
hxeadm 6
localadmin 6
m202 6
maint 6
nagios 6
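
A per-username tally like the one above can be derived from sshd's auth log. The following is an added example, not part of the original post and not necessarily how the author produced the counts. It assumes OpenSSH's "Failed password for ..." syslog line format and rsyslog's "message repeated N times" compaction; the sample log lines and addresses are constructed.

```python
import re
from collections import Counter

# Constructed sample lines in the format sshd writes to the auth log.
# Addresses come from the documentation range 203.0.113.0/24.
SAMPLE_LOG = """\
Dec 22 03:11:02 host sshd[1201]: Failed password for root from 203.0.113.7 port 40122 ssh2
Dec 22 03:11:05 host sshd[1201]: message repeated 2 times: [ Failed password for root from 203.0.113.7 port 40122 ssh2]
Dec 22 03:12:40 host sshd[1233]: Failed password for invalid user admin from 203.0.113.9 port 51514 ssh2
Dec 22 03:12:44 host sshd[1240]: Failed password for invalid user ubnt from 203.0.113.9 port 51530 ssh2
Dec 22 03:13:01 host sshd[1251]: Accepted publickey for alice from 203.0.113.20 port 50022 ssh2
Dec 22 03:13:30 host sshd[1260]: Failed password for invalid user admin from 203.0.113.15 port 33810 ssh2
"""

# "invalid user" appears when the account does not exist on the host.
FAILED = re.compile(
    r"Failed password for (?:invalid user )?(?P<user>\S+) from \S+ port \d+"
)
# rsyslog collapses identical consecutive lines into one "repeated" line.
REPEATED = re.compile(r"message repeated (?P<n>\d+) times:")


def tally_failed_logins(lines):
    """Count failed password attempts per target username."""
    counts = Counter()
    for line in lines:
        if "sshd[" not in line:
            continue  # ignore other daemons sharing the log file
        match = FAILED.search(line)
        if not match:
            continue  # successful logins and unrelated sshd messages
        repeat = REPEATED.search(line)
        counts[match.group("user")] += int(repeat.group("n")) if repeat else 1
    return counts


def report(counts):
    """Return 'username count' rows, highest count first, ties by name."""
    ordered = sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))
    return [f"{user} {n}" for user, n in ordered]


if __name__ == "__main__":
    print('"username" "number of failed logins"')
    print("\n".join(report(tally_failed_logins(SAMPLE_LOG.splitlines()))))
```
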

