[HN Gopher] SSHGuard
       ___________________________________________________________________
        
       SSHGuard
        
       Author : tosh
       Score  : 3 points
       Date   : 2022-11-26 22:35 UTC (25 minutes ago)
        
 (HTM) web link (www.sshguard.net)
 (TXT) w3m dump (www.sshguard.net)
        
       | thesuperbigfrog wrote:
       | Similar tool: fail2ban:
       | https://www.fail2ban.org/wiki/index.php/Main_Page
       | 
       | Tools like these are essential if you have Internet-facing SSH
       | services.
       | 
       | Best practices for Internet-facing SSH:
       | 
       | - run on non-standard port (not port 22)
       | 
       | - disable passwords, use SSH passkeys instead:
       | https://www.techrepublic.com/article/how-to-setup-ssh-key-au...
       | 
       | - disable remote root SSH
       | 
       | - run fail2ban, sshguard, or similar "block IP addresses for
       | suspicious activity" services
       | 
       | - extra fanciness: setup port knocking:
       | https://www.tecmint.com/port-knocking-to-secure-ssh/
        
       ___________________________________________________________________
       (page generated 2022-11-26 23:01 UTC)