3,228
edits
Changes
From SME Server
Jump to navigationJump to searchno edit summary
==Public SSH Acess==
An alternate method to protect your ssh access from attacks could be either [[Fail2ban]] or [[Denyhosts]].
==Public SSH Access==
Configuring SSH access as public will result in lots of script based login attempts which consume bandwidth, CPU and generate log noise. A new iptables rule which blocks repeated connection attempts to the configured sshd port. See [[bugzilla: 8257]] and [[bugzilla:8258]]
Configuring SSH access as public will result in lots of script based login attempts which consume bandwidth, CPU and generate log noise. A new iptables rule which blocks repeated connection attempts to the configured sshd port. See [[bugzilla: 8257]] and [[bugzilla:8258]]
It is set to reject connections when there have been 3 or more requests in the previous 15 minutes. The autoblock lapses when there have been fewer than this many requests in the specified times (set by AutoBlockTime).
It is set to reject connections when there have been 3 or more requests in the previous 15 minutes. The autoblock lapses when there have been fewer than this many requests in the specified times (set by AutoBlockTime).
'''By design only IP outside your local network will blocked if too many attempts are done.'''
'''By design only IP outside your local network will be blocked if too many attempts are done.'''
===Default values===
===Default values===
