How To Monitor Failed SSH Attempts

Disable Password Authentication for better Security

More about SSH can be found here.

You might be astonished how many people try to break into your computer via ssh. It is advisable to use key-based authentication only. Article for key-based authentication.

Enable monitoring

sudo gedit /etc/ssh/sshd_config
--> change LogLevel INFO to LogLevel VERBOSE

SSH login attempts will now be saved in your /var/log/auth.log file.

Accessing the information

sudo cat /var/log/auth.log | grep sshd
sudo cat /var/log/auth.log | grep Fail

sudo cat /var/log/auth.log | grep Invalid

Disabling SSH all-together

sudo mv /etc/init/ssh.conf /etc/init/ssh.conf.disabled

Comments

Popular posts from this blog

How to be anonymous on the internet (99-100%)

Deep Web Link List (.onion)

Automatically Check The Raspberry Pi's Temperature (+Prevent Overheating)