Re: Growing sshd process count

To: Michael van Elst <mlelstv%serpens.de@localhost>
Subject: Re: Growing sshd process count
From: Martin Husemann <martin%duskware.de@localhost>
Date: Sun, 9 Oct 2022 08:28:04 +0200

On Sat, Oct 08, 2022 at 09:40:48AM +0200, Michael van Elst wrote:
> No idea what kind of protection Hetzner is offering. But such attacks
> rarely qualify as DDOS, it's usually a single bot that does rapid login
> attempts. Sometimes you have several concurrent independent attacks.

I have not followed closely, but wanted to note that of cours the first
and obvious thing you should make sure is that sshd is configured to
not accept any kind of password based authentication (unless you really
need them, which is hard to imagine).

If you do not need PAM authentication, set this in /etc/ssh/sshd_config:

	PasswordAuthentication no
	UsePAM no

If you need PAM, you also have to disable passwords for sshd at the PAM level.

Martin

Follow-Ups:
- Re: Growing sshd process count
  - From: Mayuresh

References:
- Growing sshd process count
  - From: Mayuresh
- Re: Growing sshd process count
  - From: Michael van Elst
- Re: Growing sshd process count
  - From: Mayuresh
- Re: Growing sshd process count
  - From: Michael van Elst

Prev by Date: Re: set -o emacs ; stty -echo
Next by Date: Re: Growing sshd process count
Previous by Thread: Re: Growing sshd process count
Next by Thread: Re: Growing sshd process count
Indexes:

Home | Main Index | Thread Index | Old Index