Thanks for your replies.
Tried all those, could see nothing useful in logs to explain. Assumed there was a problem with my keys so scrapped them and replaced with newly generated. Even rebooted server. It has to be something really simple and basic - but what - I don't know. So I'll just have to leave that for a while and tighten evrything else up.
I intend to change the ssh port.
So that's sshd_config change port 22 to the new number. iptables rule to close 22 and open the new one. What I'd like to do is only open the new port to traffic from my ip. But of course I have a dynamic ip from my isp so I wonder if I set a sort of compromise rule. My current ip being xxx.xxx.xxx.xxx (not being paranoid there - just I haven't checked it) so if I set -s xxx.xxx.xxx.xxx/16 do you think that'd give me sufficient leeway?
I know I'm being a pain here, but after my failure with the ssh thing, I would really welcome input. It is so easy to make a minor error which then messes every thing up. I have set up postfix and wondered why it suddently stopped sending me the log summaries from the logwatch cron job, then realised I'd managed to set up an alias loop root>postmaster>root Doh!! I thought I knew what I was doing with that!!!
--
Keith
The most dangerous strategy is to jump a chasm in two leaps.
www.westnorfolkrspca.org.uk