
Security type question

Posted: Mon Nov 26, 2012 6:21 pm
by homerscousin
I don't think I have seen a question like this posted here so here goes. I check my log files occasionally and in the authentication log there are usually quite a few 'failed password for invalid user' or 'failed password for root' entries. Same IP, different port, ssh2. I made a change to my /etc/ssh/sshd_config file some time ago changing the entry Permit Root Login from yes to no. I checked the log file an hour ago and still see many entries like this. I guess they are more annoying than actually dangerous. So, I added the following line to that file, recommended from a Google search.

MaxAuthTries 5

I don't know yet what effect that new line will have.

Just wondering if I should spend more time with this and maybe get into IP tables or other, or is this really commonplace and just an annoyance.

Re: Security type question

Posted: Mon Nov 26, 2012 9:47 pm
by Olson
Sounds like the normal kind of "background noise" of the internet to me, nothing of great concern.

Make sure you choose decent passwords - remember length is more important than using upper / lower case and numerics and stuff like that, so long as you're not choosing words from the dictionary. https://www.grc.com/haystack.htm

There's a little app called fail2ban you can install, which basically bans hosts that make many failed connection attempts, if that makes you feel any better. Worked well for me before I stopped caring :)
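
The idea discussed in the posts above (counting 'Failed password' entries per source address and flagging hosts that exceed a threshold) can be sketched as follows. This is an added example, not part of the original thread and not fail2ban's own code; the log lines, host name, user names, and the `max_retry` / `find_time` parameter names are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in the sshd auth-log format the thread describes
# (addresses are from the RFC 5737 documentation ranges).
SAMPLE_LOG = """\
Nov 26 17:02:11 mint sshd[2101]: Failed password for root from 203.0.113.7 port 40112 ssh2
Nov 26 17:02:14 mint sshd[2101]: Failed password for root from 203.0.113.7 port 40112 ssh2
Nov 26 17:02:19 mint sshd[2104]: Failed password for invalid user admin from 203.0.113.7 port 40150 ssh2
Nov 26 17:02:25 mint sshd[2107]: Failed password for invalid user test from 203.0.113.7 port 40188 ssh2
Nov 26 17:02:31 mint sshd[2110]: Failed password for invalid user oracle from 203.0.113.7 port 40203 ssh2
Nov 26 17:05:40 mint sshd[2120]: Accepted password for homer from 192.0.2.10 port 51514 ssh2
Nov 26 17:30:02 mint sshd[2150]: Failed password for homer from 192.0.2.10 port 51600 ssh2
Nov 26 18:45:00 mint sshd[2201]: Failed password for invalid user guest from 198.51.100.23 port 33012 ssh2
"""

FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?P<invalid>invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+ ssh2$"
)

def parse_failures(text, year=2012):
    """Yield (timestamp, ip, user, invalid_user) for each failed-password line."""
    for line in text.splitlines():
        m = FAILED.match(line)
        if m:  # syslog lines carry no year, so the caller supplies one
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            yield ts, m["ip"], m["user"], bool(m["invalid"])

def hosts_to_ban(text, max_retry=5, find_time=timedelta(minutes=10)):
    """Return IPs with at least max_retry failures inside any find_time window."""
    by_ip = defaultdict(list)
    for ts, ip, _user, _invalid in parse_failures(text):
        by_ip[ip].append(ts)
    banned = set()
    for ip, times in by_ip.items():
        times.sort()
        # Slide a window of max_retry consecutive failures over the timeline.
        for i in range(len(times) - max_retry + 1):
            if times[i + max_retry - 1] - times[i] <= find_time:
                banned.add(ip)
                break
    return sorted(banned)

if __name__ == "__main__":
    print(hosts_to_ban(SAMPLE_LOG))
```

A single mistyped password from a legitimate address stays below the threshold, which is why the check uses a count within a time window rather than any failure at all.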

Re: Security type question

Posted: Tue Nov 27, 2012 4:19 pm
by homerscousin
Yup. Kinda how I see this. Just background noise from dingbat brute force attempts around the world. I'll post in a week or so if that one added line has any effect.

Re: Security type question

Posted: Wed Dec 05, 2012 4:11 pm
by homerscousin
Just to let people know, I have completely solved this. I used the advice from these 2 urls:
http://www.iana.org/assignments/service ... umbers.xml
http://www.thegeekstuff.com/2011/05/openssh-options/

I hesitate to post my exact solution, but you can quite easily figure it out. My auth log is now completely devoid of any unauthorized login attempts.

Edit: that one added line had no effect.

Re: Security type question

Posted: Tue Dec 25, 2012 7:18 pm
by homerscousin
OK. Been a couple weeks. I changed a couple settings and the port assignment for ssh2. I have had 0 unauth log attempts in this time. It works. Wanted to make sure there were no complications before my final post.

Re: Security type question

Posted: Sat Dec 29, 2012 7:44 pm
by homerscousin
Just wanted to add one more thing. UFW, uncomplicated firewall, is not enabled by default. This is a built-in firewall for Linux Mint. You have to open a terminal and enable it. See this URL, it may be helpful. http://www.linuxdistrocommunity.com/vid ... c3A5Dy4xE0