I get 1 failing SSH connection attempt per second from different IPs. What can I do?

The DenyHosts package is one that is freely available and will block "bots" from attempting repeated attacks to your ssh port.

http://denyhosts.sourceforge.net/

Great software for blocking them.

Note: it's also included in many distros by default.


  • You can install fail2ban. It serves exactly this purpose, blocking brute force attempts. It works with other servers like http/ftp/etc too.
  • You can block the IP manually but this is more of a temporary solution.
  • You can change the SSH port as you suggest. Unless it is a requirement for you to run it on the standard port, this is a very good idea. Most attackers won't take time to find out if you have a public ssh server running and on what port, except maybe if the attack is targeted specifically at you.
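
The per-address thresholding that tools such as fail2ban and DenyHosts apply to the SSH log, as an added sketch that is not part of the answers above and is not either tool's own code. The function name `find_offenders`, the sample log lines and the year default are constructed for illustration; `maxretry` and `findtime` borrow the names of fail2ban's options.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample lines in the usual OpenSSH syslog format (not from the page).
# 198.51.100.7 also fails three times, but spread over 38 minutes.
SAMPLE_LOG = """\
Mar 10 04:12:01 host sshd[1001]: Failed password for root from 203.0.113.5 port 40110 ssh2
Mar 10 04:12:02 host sshd[1002]: Failed password for invalid user admin from 203.0.113.5 port 40112 ssh2
Mar 10 04:12:03 host sshd[1003]: Failed password for root from 198.51.100.7 port 51514 ssh2
Mar 10 04:12:04 host sshd[1004]: Failed password for invalid user test from 203.0.113.5 port 40118 ssh2
Mar 10 04:12:05 host sshd[1005]: Accepted publickey for alice from 192.0.2.10 port 50022 ssh2
Mar 10 04:30:00 host sshd[1006]: Failed password for root from 198.51.100.7 port 51600 ssh2
Mar 10 04:50:00 host sshd[1007]: Failed password for root from 198.51.100.7 port 51700 ssh2
"""

# Anchored at both ends: the address is read from the tail that sshd appends,
# not from the client-supplied user name field.
FAILED = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: Failed password for "
    r".* from (\d{1,3}(?:\.\d{1,3}){3}) port \d+ ssh2$"
)

def find_offenders(log_text, maxretry=3, findtime=600, year=2024):
    """Return {ip: time of the failure that crossed the threshold}.

    An IP is flagged once it has maxretry failures within findtime seconds.
    Syslog timestamps carry no year, so one is assumed via the year argument.
    """
    recent = defaultdict(deque)   # ip -> timestamps of failures inside the window
    banned = {}
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m or m.group(2) in banned:
            continue
        stamp, ip = m.groups()
        ts = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
        window = recent[ip]
        window.append(ts)
        while (ts - window[0]).total_seconds() > findtime:
            window.popleft()      # drop failures older than findtime
        if len(window) >= maxretry:
            banned[ip] = ts
    return banned

if __name__ == "__main__":
    for ip, when in find_offenders(SAMPLE_LOG).items():
        print(f"{ip} reached the threshold at {when}")
```

The returned addresses are what a blocking tool would then hand to the firewall or `hosts.deny`; the sketch stops at detection.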