Matthew Graybosch hello at matthewgraybosch.com
Mon Jun 15 02:31:07 BST 2020
- - - - - - - - - - - - - - - - - - -
On Sun, 14 Jun 2020 15:34:08 -0500jes <j3s at c3f.net> wrote:
You might also consider that there are a number of drawbacks
regarding fail2ban, here's the article that I've written on the
subject:
https://j3s.sh/thoughts/fail2ban-sucks.txt Thanks. I just finished reading this, and am now reading the article onOpenSSH hardening that you linked. I had root login disabled from thestart, so that's a start. :)
I've also seen some forum posts suggesting that I can disable passwordauthentication for all users by default, and then allow exceptions forparticular users. This might help me harden Tanelorn without makingthings harder for less-skilled users who haven't gotten the hang ofgenerating a ssh key and copying it yet.
-- Matthew Graybosch gemini://starbreaker.org#include <disclaimer.h> gemini://demifiend.orghttps://matthewgraybosch.com gemini://tanelorn.city"Out of order?! Even in the future nothing works."