Re: [bitfolk] SSH access to Xen Shell will have to be tighte…

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MG. Miliotis at <-
MAlun Jones at ->

Reply to this message
Author: Richard Glynos
Date:  
To: users, Keith Williams, BitFolk Users
Subject: Re: [bitfolk] SSH access to Xen Shell will have to be tightened up
I agree with Keith. I would find it problematic if I couldn't have password access to the Xen shell from time to time to resolve issues. I also use ipset on my VPS which I find flexible and powerful in keeping unwanted callers out. I'm using port 22 on the VPS but with key access only.

Richard.

On 2 March 2018 13:08:18 CET, Keith Williams <keithwilliamsnp@???> wrote:
>I travel quite a lot and do not always have access to all my keys.
>Although
>I do not often have to access the Xen shell, it would be very difficult
>if
>both were key only. It makes absolute sense to make port 22 key only,
>but
>if 922 were password as well it would be helpful. I use nonstandard
>ports
>for access to SSH on my VPS and as soon as I changed it I noticed a big
>change in my fail2ban logs.
>One other thing I have done is to set up ipset, No one should ever
>attempt
>to connect to port 22 on my machines so I have iptables add any that do
>to
>an ipset which is then blocked from any port. But that may not be
>possible
>for the Bitfolk set up
>
>On 2 March 2018 at 19:48, Gavin Westwood <
>bitfolk-lists-2015@???> wrote:
>
>> On 02/03/2018 11:11, Andy Smith wrote:
>> > Hi,
>> >
>> > The level of SSH scanning is getting ridiculous.
>> >
>> > Here's some stats on the number of Fail2Ban bans across all Xen
>> > Shell hosts in the last 7 days:
>> <snip>
>>
>> Something that you, Andy, and others with a large number of internet
>> facing servers might be interested in is this article that I just
>found
>> about sharing the fail2ban information with your other servers:
>>
>> https://www.blackhillsinfosec.com/configure-distributed-fail2ban/
>>
>> I hope that's helpful.
>>
>> Thanks
>>
>> Gavin
>>
>> _______________________________________________
>> users mailing list
>> users@???
>> https://lists.bitfolk.com/mailman/listinfo/users
>>
>
>
>
>--
>Keith Williams
>
>คืนใดมืดที่สุด จะเห็นดาวชัดที่สุด
>
>Wondrous Thai http://www.wondrousthai.com
>
>FCLT magazine
>http://issuu.com/fcltmagazine/docs/fclt_september_2014_issue_1
>
>Farang Can Learn Thai www.farangcanlearnthai.com
>
>Keith's Place www.keiths-place.co.uk
>
>Tailor Made English www.tmenglish.org
This message was posted to the following mailing lists:
users
Mailing List Info | Nearby Messages		<-Re: [bitfolk] SSH access to Xen Shell will have to be tightened upRe: [bitfolk] SSH access to Xen Shell will have to be tightened up->
Bitfolk Mailing List Archive administrated by List AdminLurker (version 2.3)