My /var/log/btmp file is huge! What should I do?

This means people are trying to brute-force your passwords (common on any public-facing server).

It shouldn't cause any harm to clear out this file.

One way to reduce this is to change the port for SSH from 22 to something arbitrary. For some additional security, DenyHosts can block login attempts after a certain number of failures. I'd highly recommend installing and configuring it.


fail2ban can also be a great help for machines that must keep internet facing, port 22 SSH. It can be configured to use hosts.allow or iptables with flexible thresholds.