I travel quite a lot and do not always have access to all my keys. Although I do not often have to access the Xen shell, it would be very difficult if both were key-only. It makes absolute sense to make port 22 key-only, but if 922 were password as well it would be helpful. I use nonstandard ports for access to SSH on my VPS, and as soon as I changed it I noticed a big change in my fail2ban logs.
One other thing I have done is to set up ipset. No one should ever attempt to connect to port 22 on my machines, so I have iptables add any that do to an ipset, which is then blocked from any port. But that may not be possible for the Bitfolk setup.
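
The port-22 trap described in the message above, as an added example that is not the poster's own configuration: it prints the `ipset`/`iptables` commands in the order they must sit in the INPUT chain, and only runs them when `APPLY=1` is set as root. The set name `ssh_trap`, the 24-hour timeout and the use of the INPUT chain are assumptions; the rules need to come before any rule that accepts traffic, and your own management addresses should be accepted ahead of them so they can never land in the set.

```shell
#!/bin/sh
# Added example: block any host that touches an unused port 22.
# SET_NAME and TIMEOUT are hypothetical values, not taken from the post.
SET_NAME="${SET_NAME:-ssh_trap}"   # assumed name for the ipset
TRAP_PORT="${TRAP_PORT:-22}"       # port no legitimate client should use
TIMEOUT="${TIMEOUT:-86400}"        # seconds an address stays blocked (assumed)

# Print the commands in the order they must be applied.
trap_rules() {
    # Set of single IPv4 addresses; entries expire after $TIMEOUT seconds.
    echo "ipset create $SET_NAME hash:ip timeout $TIMEOUT -exist"
    # 1. Drop everything from an address already in the set, on any port.
    echo "iptables -A INPUT -m set --match-set $SET_NAME src -j DROP"
    # 2. A new connection attempt to the trap port adds its source to the set.
    echo "iptables -A INPUT -p tcp --dport $TRAP_PORT -m conntrack --ctstate NEW -j SET --add-set $SET_NAME src"
    # 3. SET does not end rule traversal, so drop the triggering packet too.
    echo "iptables -A INPUT -p tcp --dport $TRAP_PORT -j DROP"
}

# Dry run by default: print the commands. APPLY=1 (as root) executes them.
apply_trap() {
    trap_rules | while IFS= read -r cmd; do
        if [ "${APPLY:-0}" = "1" ]; then
            $cmd || return 1
        else
            echo "$cmd"
        fi
    done
}

apply_trap
```

Once applied, `ipset list ssh_trap` shows the addresses currently blocked and the time each has left.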