Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Another little tidbit you can use in addition to fail2ban is to just change the SSH port. I generally use something in the 2000 range - 2022, 2222 etc. That way your poor VPS isn´t even handling all the people knocking on your SSH door.


I don't agree with this. A simple nmap is enough to find the SSH port. This will get you in trouble when you're on a network which blocks port. The ssh port is often open (at least if it's an establishment where programmers work) and a port like 2022 is not.




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: