ssh登录linux服务器的时候,经常会有提示
There were * failed login attempts since the last successful login.
说明有大量的非法登录尝试,有几种应对方法
1 换一个sshd端口
不过也经常会被扫到
2 禁止root账号直接ssh登录
修改/etc/ssh/sshd_config
PermitRootLogin no
修改之后重启sshd
systemctl restart sshd
3 使用fail2ban
安装
yum install fail2ban
修改配置
/etc/fail2ban/jail.conf,找到[sshd],增加enable
[sshd]
# To use more aggressive sshd modes set filter parameter "mode" in jail.local:
# normal (default), ddos, extra or aggressive (combines all).
# See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details.
#mode = normal
filter = sshd
port = ssh
logpath = %(sshd_log)s
backend = %(sshd_backend)s
enabled = true
启动
systemctl start fail2ban
配置开机启动
systemctl enable fail2ban
检查状态
fail2ban-client status sshd
对某个ip取消限制
fail2ban-client set sshd unbanip $ip
原文地址:https://www.cnblogs.com/barneywill/p/15257829.html
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。