| 26 Feb 2025 |
 hexa | the first thought would be fail2ban, maybe crowdsec | 20:20:26 |
| hexa | but crowdsec is of course a bit weird 🙂 | 20:20:51 |
| hexa | I don't want to trust a random community of people | 20:21:04 |
| hexa | another idea would of course be a bastion host | 20:22:11 |
| hexa | but that would make accessing the host a bit more tedious, given ssh jumps etc. | 20:22:27 |
 dgrig | It's not foolproof, but changing the default port away from 22 helps with a lot of bots | 20:22:28 |
| hexa | also a valid choice | 20:24:05 |
| hexa | so what happens is that due to too many connection requests ssh also sometimes drops my connect attempts | 20:25:54 |
| hexa | mildly annoying 🙂 | 20:26:06 |
| hexa |
sshd[1969703]: error: beginning MaxStartups throttling
| 20:26:57 |
| hexa | due to that | 20:26:58 |
| dgrig | All the things you mentioned help however. I personally change the ssh port, enable fail2ban and for a lot of hosts don't have ssh enabled over the internet since wireguard works good enough for me. Other people I know enable ssh only over tor hidden services, but I don't trust tor starting fast enough after a restart /shrug | 20:27:01 |
