While fail2ban is very useful you still get a lot of automated authentication attempts. I additionally added port knocking using the knock daemon on the Server: so in regular state even the ssh port is blocked by the firewall. to temporarily unlock the ssh port you have to knock on a few ports in a configurable order. only then the ssh port is opened for a few seconds foryou to connect to. e.g. knock youserver.com 18754 26557 28864 && ssh user@yourserver.com to login
this completely took away the failed login attempts in my logs.
I have 17 years of experience as a Full Stack Developer. I like how Python is robust and JavaScript is ambitious. Sometimes I dream in my mind about the wind in my sail...
While fail2ban is very useful you still get a lot of automated authentication attempts. I additionally added port knocking using the knock daemon on the Server: so in regular state even the ssh port is blocked by the firewall. to temporarily unlock the ssh port you have to knock on a few ports in a configurable order. only then the ssh port is opened for a few seconds foryou to connect to. e.g.
knock youserver.com 18754 26557 28864 && ssh user@yourserver.comto loginthis completely took away the failed login attempts in my logs.
Thank you for
knockutility. Never used it before.