BLU Discuss list archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss] PSA: no root login for SSH
- Subject: [Discuss] PSA: no root login for SSH
- From: me at mattgillen.net (Matthew Gillen)
- Date: Tue, 22 Dec 2020 09:40:31 -0500
Since we were talking about services globally accessible recently, just wanted to share a public service announcement. Below is a pretty typical /daily/ count of failed logins on a publicly accessible ssh server under my purview. Seeing as how root has 10 times the hits of the next biggest target, if you're not set up with some sort of MFA this is why it can be a good idea to set the "PermitRootLogin no" option in your sshd config. Also useful to not allow login for system accounts, although this is managed by PAM on my fedora machine (no uid < 1000; be wary if manually creating system accounts, usually packages following your distro's packaging guidelines will have system-accounts created properly) "username" "number of failed logins" root 4328 admin 444 MikroTik 320 profile1 320 user1 316 admin1 314 default 314 administrator 252 ubnt 250 user 248 support 244 web 238 tech 200 demo 174 telecomadmin 160 debian 18 test 18 Administrator 12 oracle 12 ubuntu 12 pi 10 NetLinx 6 apache 6 backup 6 centos 6 cirros 6 cisco 6 cloudera 6 device 6 ethos 6 git 6 guest 6 hacker 6 hunter 6 hxeadm 6 localadmin 6 m202 6 maint 6 nagios 6
- Follow-Ups:
- [Discuss] PSA: no root login for SSH
- From: dbarrett at blazemonger.com (Daniel Barrett)
- [Discuss] PSA: no root login for SSH
- From: richard.pieri at gmail.com (Rich Pieri)
- [Discuss] PSA: no root login for SSH
- Prev by Date: [Discuss] Wireguard [Was Re: dovecot: "Disconnected (no auth attempts in 0 secs)"?]
- Next by Date: [Discuss] PSA: no root login for SSH
- Previous by thread: [Discuss] jitsi and streaming question solved
- Next by thread: [Discuss] PSA: no root login for SSH
- Index(es):