Wednesday, 26 February 2014

How To Monitor Failed SSH Attempts

Disable Password Authentication for better Security

More about SSH can be found here.

You might be astonished how many people try to break into your computer via ssh. It is advisable to use key-based authentication only. Article for key-based authentication.

Enable monitoring

sudo gedit /etc/ssh/sshd_config
--> change LogLevel INFO to LogLevel VERBOSE

SSH login attempts will now be saved in your /var/log/auth.log file.

Accessing the information

sudo cat /var/log/auth.log | grep sshd
sudo cat /var/log/auth.log | grep Fail
sudo cat /var/log/auth.log | grep Invalid

Disabling SSH all-together

sudo mv /etc/init/ssh.conf /etc/init/ssh.conf.disabled
at
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

How to download a portion of Youtube Video with youtube-dl

First make you have both youtube-dl and ffmpeg installed: sudo apt install youtube-dl ffmpeg Then download a portion of your desired...