V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
Distributions
Ubuntu
Fedora
CentOS
中文资源站
网易开源镜像站
cattyhouse
V2EX  ›  Linux

每天都有人试图 ssh 我的 VPS,

  •  
  •   cattyhouse · 2015-01-05 15:02:21 +08:00 · 11638 次点击
    这是一个创建于 3644 天前的主题,其中的信息可能已经有所发展或是发生改变。
    已经对sshd_config做了一些设置
    1, 只允许用key登陆,不允许用密码登录,不允许空密码
    2,设置了Allowusers 为当前用户和root,理论上其他用户无法ssh进来.

    端口还是22. 不想改了,不然每次ssh进去都要写 -p参数,麻烦。这些设置够了吗?
    以下是lastb输出部分结果:

    admin ssh:notty 122.225.109.201 Mon Jan 5 12:36 - 12:36 (00:00)
    admin ssh:notty 122.225.97.77 Mon Jan 5 11:33 - 11:33 (00:00)
    admin ssh:notty 122.225.109.105 Mon Jan 5 08:27 - 08:27 (00:00)
    admin ssh:notty 122.225.109.105 Mon Jan 5 08:21 - 08:21 (00:00)
    admin ssh:notty 122.225.109.106 Mon Jan 5 08:14 - 08:14 (00:00)
    admin ssh:notty 122.225.109.106 Mon Jan 5 08:07 - 08:07 (00:00)
    testuser ssh:notty 135.109.206.35 Mon Jan 5 07:04 - 07:04 (00:00)
    postgres ssh:notty 135.109.206.35 Mon Jan 5 07:02 - 07:02 (00:00)
    admin ssh:notty 135.109.206.35 Mon Jan 5 06:59 - 06:59 (00:00)
    sybase ssh:notty 135.109.206.35 Mon Jan 5 06:57 - 06:57 (00:00)
    mysql ssh:notty 135.109.206.35 Mon Jan 5 06:55 - 06:55 (00:00)
    default ssh:notty 135.109.206.35 Mon Jan 5 06:52 - 06:52 (00:00)
    guest ssh:notty 135.109.206.35 Mon Jan 5 06:50 - 06:50 (00:00)
    test ssh:notty 135.109.206.35 Mon Jan 5 06:48 - 06:48 (00:00)
    support ssh:notty 176.103.49.29 Mon Jan 5 06:40 - 06:40 (00:00)
    admin ssh:notty 122.225.109.99 Mon Jan 5 05:20 - 05:20 (00:00)
    admin ssh:notty 122.225.109.215 Mon Jan 5 04:28 - 04:28 (00:00)
    admin ssh:notty 122.225.109.106 Mon Jan 5 03:29 - 03:29 (00:00)
    admin ssh:notty 122.225.109.207 Mon Jan 5 02:43 - 02:43 (00:00)
    admin ssh:notty 122.225.109.207 Mon Jan 5 02:36 - 02:36 (00:00)
    admin ssh:notty 122.225.97.85 Sun Jan 4 23:09 - 23:09 (00:00)
    admin ssh:notty 122.225.97.85 Sun Jan 4 23:08 - 23:08 (00:00)
    admin ssh:notty 122.225.109.109 Sun Jan 4 22:13 - 22:13 (00:00)
    support ssh:notty 193.104.41.58 Sun Jan 4 20:28 - 20:28 (00:00)
    admin ssh:notty 218.2.0.133 Sun Jan 4 12:43 - 12:43 (00:00)
    admin ssh:notty 218.2.0.126 Sun Jan 4 12:14 - 12:14 (00:00)
    admin ssh:notty 218.2.0.125 Sun Jan 4 03:49 - 03:49 (00:00)
    admin ssh:notty 122.225.109.117 Sun Jan 4 01:05 - 01:05 (00:00)
    admin ssh:notty 122.225.109.205 Sat Jan 3 12:41 - 12:41 (00:00)
    admin ssh:notty 122.225.97.85 Sat Jan 3 12:28 - 12:28 (00:00)
    admin ssh:notty 122.225.109.211 Sat Jan 3 00:18 - 00:18 (00:00)
    danielle ssh:notty 140.121.101.201 Fri Jan 2 23:19 - 23:19 (00:00)
    daniel ssh:notty 140.121.101.201 Fri Jan 2 23:15 - 23:15 (00:00)
    dan ssh:notty 140.121.101.201 Fri Jan 2 23:10 - 23:10 (00:00)
    dancer ssh:notty 140.121.101.201 Fri Jan 2 23:06 - 23:06 (00:00)
    dana ssh:notty 140.121.101.201 Fri Jan 2 23:01 - 23:01 (00:00)
    dan ssh:notty 140.121.101.201 Fri Jan 2 22:57 - 22:57 (00:00)
    daisy ssh:notty 140.121.101.201 Fri Jan 2 22:52 - 22:52 (00:00)
    d ssh:notty 140.121.101.201 Fri Jan 2 22:43 - 22:43 (00:00)
    cynthia ssh:notty 140.121.101.201 Fri Jan 2 22:39 - 22:39 (00:00)
    customer ssh:notty 140.121.101.201 Fri Jan 2 22:34 - 22:34 (00:00)
    cshrc ssh:notty 140.121.101.201 Fri Jan 2 22:30 - 22:30 (00:00)
    cs ssh:notty 140.121.101.201 Fri Jan 2 22:25 - 22:25 (00:00)
    crystal ssh:notty 140.121.101.201 Fri Jan 2 22:21 - 22:21 (00:00)
    cristina ssh:notty 140.121.101.201 Fri Jan 2 22:16 - 22:16 (00:00)
    cristi ssh:notty 140.121.101.201 Fri Jan 2 22:12 - 22:12 (00:00)
    criminal ssh:notty 140.121.101.201 Fri Jan 2 22:07 - 22:07 (00:00)
    cretin ssh:notty 140.121.101.201 Fri Jan 2 22:03 - 22:03 (00:00)
    creosote ssh:notty 140.121.101.201 Fri Jan 2 21:58 - 21:58 (00:00)
    credit ssh:notty 140.121.101.201 Fri Jan 2 21:54 - 21:54 (00:00)
    creation ssh:notty 140.121.101.201 Fri Jan 2 21:49 - 21:49 (00:00)
    create ssh:notty 140.121.101.201 Fri Jan 2 21:45 - 21:45 (00:00)
    crcard ssh:notty 140.121.101.201 Fri Jan 2 21:40 - 21:40 (00:00)
    cpanel ssh:notty 140.121.101.201 Fri Jan 2 21:36 - 21:36 (00:00)
    cow ssh:notty 140.121.101.201 Fri Jan 2 21:32 - 21:32 (00:00)
    couscous ssh:notty 140.121.101.201 Fri Jan 2 21:27 - 21:27 (00:00)
    costel ssh:notty 140.121.101.201 Fri Jan 2 21:23 - 21:23 (00:00)
    corneliu ssh:notty 140.121.101.201 Fri Jan 2 21:18 - 21:18 (00:00)
    cooper ssh:notty 140.121.101.201 Fri Jan 2 21:14 - 21:14 (00:00)
    cool ssh:notty 140.121.101.201 Fri Jan 2 21:09 - 21:09 (00:00)
    cookie ssh:notty 140.121.101.201 Fri Jan 2 21:05 - 21:05 (00:00)
    console ssh:notty 140.121.101.201 Fri Jan 2 21:00 - 21:00 (00:00)
    connie ssh:notty 140.121.101.201 Fri Jan 2 20:56 - 20:56 (00:00)
    connect ssh:notty 140.121.101.201 Fri Jan 2 20:51 - 20:51 (00:00)
    condom ssh:notty 140.121.101.201 Fri Jan 2 20:47 - 20:47 (00:00)
    condo ssh:notty 140.121.101.201 Fri Jan 2 20:42 - 20:42 (00:00)
    comrades ssh:notty 140.121.101.201 Fri Jan 2 20:38 - 20:38 (00:00)
    comrade ssh:notty 140.121.101.201 Fri Jan 2 20:33 - 20:33 (00:00)
    computer ssh:notty 140.121.101.201 Fri Jan 2 20:29 - 20:29 (00:00)
    commrade ssh:notty 140.121.101.201 Fri Jan 2 20:24 - 20:24 (00:00)
    collins ssh:notty 140.121.101.201 Fri Jan 2 20:20 - 20:20 (00:00)
    collier ssh:notty 140.121.101.201 Fri Jan 2 20:15 - 20:15 (00:00)
    colin ssh:notty 140.121.101.201 Fri Jan 2 20:11 - 20:11 (00:00)
    cola ssh:notty 140.121.101.201 Fri Jan 2 20:06 - 20:06 (00:00)
    coke ssh:notty 140.121.101.201 Fri Jan 2 20:02 - 20:02 (00:00)
    coffee ssh:notty 140.121.101.201 Fri Jan 2 19:57 - 19:57 (00:00)
    code ssh:notty 140.121.101.201 Fri Jan 2 19:52 - 19:52 (00:00)
    coach ssh:notty 140.121.101.201 Fri Jan 2 19:48 - 19:48 (00:00)
    clusters ssh:notty 140.121.101.201 Fri Jan 2 19:43 - 19:43 (00:00)
    cluster ssh:notty 140.121.101.201 Fri Jan 2 19:39 - 19:39 (00:00)
    client ssh:notty 140.121.101.201 Fri Jan 2 19:34 - 19:34 (00:00)
    cleopatr ssh:notty 140.121.101.201 Fri Jan 2 19:30 - 19:30 (00:00)
    claudia ssh:notty 140.121.101.201 Fri Jan 2 19:25 - 19:25 (00:00)
    classic ssh:notty 140.121.101.201 Fri Jan 2 19:21 - 19:21 (00:00)
    class ssh:notty 140.121.101.201 Fri Jan 2 19:16 - 19:16 (00:00)
    clamav ssh:notty 140.121.101.201 Fri Jan 2 19:12 - 19:12 (00:00)
    cindy ssh:notty 140.121.101.201 Fri Jan 2 19:07 - 19:07 (00:00)
    christy ssh:notty 140.121.101.201 Fri Jan 2 19:03 - 19:03 (00:00)
    christin ssh:notty 140.121.101.201 Fri Jan 2 18:58 - 18:58 (00:00)
    christin ssh:notty 140.121.101.201 Fri Jan 2 18:54 - 18:54 (00:00)
    chris ssh:notty 140.121.101.201 Fri Jan 2 18:49 - 18:49 (00:00)
    chinese ssh:notty 140.121.101.201 Fri Jan 2 18:45 - 18:45 (00:00)
    chicken ssh:notty 140.121.101.201 Fri Jan 2 18:40 - 18:40 (00:00)
    chick ssh:notty 140.121.101.201 Fri Jan 2 18:36 - 18:36 (00:00)
    chester ssh:notty 140.121.101.201 Fri Jan 2 18:31 - 18:31 (00:00)
    chess ssh:notty 140.121.101.201 Fri Jan 2 18:27 - 18:27 (00:00)
    cheryl ssh:notty 140.121.101.201 Fri Jan 2 18:22 - 18:22 (00:00)
    chemistr ssh:notty 140.121.101.201 Fri Jan 2 18:18 - 18:18 (00:00)
    chem ssh:notty 140.121.101.201 Fri Jan 2 18:13 - 18:13 (00:00)
    cheese ssh:notty 140.121.101.201 Fri Jan 2 18:08 - 18:08 (00:00)
    chat ssh:notty 140.121.101.201 Fri Jan 2 18:04 - 18:04 (00:00)
    charon ssh:notty 140.121.101.201 Fri Jan 2 17:59 - 17:59 (00:00)
    charlie ssh:notty 140.121.101.201 Fri Jan 2 17:55 - 17:55 (00:00)
    charles ssh:notty 140.121.101.201 Fri Jan 2 17:50 - 17:50 (00:00)
    charity ssh:notty 140.121.101.201 Fri Jan 2 17:46 - 17:46 (00:00)
    change ssh:notty 140.121.101.201 Fri Jan 2 17:41 - 17:41 (00:00)
    cgi ssh:notty 140.121.101.201 Fri Jan 2 17:37 - 17:37 (00:00)
    cerulean ssh:notty 140.121.101.201 Fri Jan 2 17:32 - 17:32 (00:00)
    cent ssh:notty 140.121.101.201 Fri Jan 2 17:28 - 17:28 (00:00)
    celtics ssh:notty 140.121.101.201 Fri Jan 2 17:23 - 17:23 (00:00)
    cell ssh:notty 140.121.101.201 Fri Jan 2 17:19 - 17:19 (00:00)
    cecily ssh:notty 140.121.101.201 Fri Jan 2 17:14 - 17:14 (00:00)
    cdrom ssh:notty 140.121.101.201 Fri Jan 2 17:10 - 17:10 (00:00)
    c ssh:notty 140.121.101.201 Fri Jan 2 17:05 - 17:05 (00:00)
    cayuga ssh:notty 140.121.101.201 Fri Jan 2 17:01 - 17:01 (00:00)
    cathy ssh:notty 140.121.101.201 Fri Jan 2 16:56 - 16:56 (00:00)
    catherin ssh:notty 140.121.101.201 Fri Jan 2 16:52 - 16:52 (00:00)
    cat ssh:notty 140.121.101.201 Fri Jan 2 16:47 - 16:47 (00:00)
    catalin ssh:notty 140.121.101.201 Fri Jan 2 16:43 - 16:43 (00:00)
    cat ssh:notty 140.121.101.201 Fri Jan 2 16:39 - 16:39 (00:00)
    castle ssh:notty 140.121.101.201 Fri Jan 2 16:34 - 16:34 (00:00)
    cascades ssh:notty 140.121.101.201 Fri Jan 2 16:29 - 16:29 (00:00)
    carson ssh:notty 140.121.101.201 Fri Jan 2 16:25 - 16:25 (00:00)
    carrie ssh:notty 140.121.101.201 Fri Jan 2 16:21 - 16:21 (00:00)
    carolyn ssh:notty 140.121.101.201 Fri Jan 2 16:16 - 16:16 (00:00)
    caroline ssh:notty 140.121.101.201 Fri Jan 2 16:12 - 16:12 (00:00)
    carolina ssh:notty 140.121.101.201 Fri Jan 2 16:07 - 16:07 (00:00)
    carole ssh:notty 140.121.101.201 Fri Jan 2 16:03 - 16:03 (00:00)
    carol ssh:notty 140.121.101.201 Fri Jan 2 15:58 - 15:58 (00:00)
    carmen ssh:notty 140.121.101.201 Fri Jan 2 15:54 - 15:54 (00:00)
    carlos ssh:notty 140.121.101.201 Fri Jan 2 15:49 - 15:49 (00:00)
    carla ssh:notty 140.121.101.201 Fri Jan 2 15:45 - 15:45 (00:00)
    caren ssh:notty 140.121.101.201 Fri Jan 2 15:40 - 15:40 (00:00)
    cardinal ssh:notty 140.121.101.201 Fri Jan 2 15:36 - 15:36 (00:00)
    cap ssh:notty 140.121.101.201 Fri Jan 2 15:31 - 15:31 (00:00)
    cantor ssh:notty 140.121.101.201 Fri Jan 2 15:26 - 15:26 (00:00)
    candy ssh:notty 140.121.101.201 Fri Jan 2 15:22 - 15:22 (00:00)
    candi ssh:notty 140.121.101.201 Fri Jan 2 15:17 - 15:17 (00:00)
    campani ssh:notty 140.121.101.201 Fri Jan 2 15:13 - 15:13 (00:00)
    camille ssh:notty 140.121.101.201 Fri Jan 2 15:08 - 15:08 (00:00)
    calbert ssh:notty 140.121.101.201 Fri Jan 2 15:04 - 15:04 (00:00)
    caesar ssh:notty 140.121.101.201 Fri Jan 2 14:59 - 14:59 (00:00)
    cad ssh:notty 140.121.101.201 Fri Jan 2 14:55 - 14:55 (00:00)
    c ssh:notty 140.121.101.201 Fri Jan 2 14:50 - 14:50 (00:00)
    burgess ssh:notty 140.121.101.201 Fri Jan 2 14:46 - 14:46 (00:00)
    bunny ssh:notty 140.121.101.201 Fri Jan 2 14:41 - 14:41 (00:00)
    bumbling ssh:notty 140.121.101.201 Fri Jan 2 14:37 - 14:37 (00:00)
    budha ssh:notty 140.121.101.201 Fri Jan 2 14:32 - 14:32 (00:00)
    bsd ssh:notty 140.121.101.201 Fri Jan 2 14:28 - 14:28 (00:00)
    bruce ssh:notty 140.121.101.201 Fri Jan 2 14:23 - 14:23 (00:00)
    broadway ssh:notty 140.121.101.201 Fri Jan 2 14:18 - 14:18 (00:00)
    britney ssh:notty 140.121.101.201 Fri Jan 2 14:14 - 14:14 (00:00)
    bridget ssh:notty 140.121.101.201 Fri Jan 2 14:09 - 14:09 (00:00)
    brian ssh:notty 140.121.101.201 Fri Jan 2 14:05 - 14:05 (00:00)
    brenda ssh:notty 140.121.101.201 Fri Jan 2 14:00 - 14:00 (00:00)
    brandy ssh:notty 140.121.101.201 Fri Jan 2 13:56 - 13:56 (00:00)
    brandi ssh:notty 140.121.101.201 Fri Jan 2 13:51 - 13:51 (00:00)
    bradley ssh:notty 140.121.101.201 Fri Jan 2 13:47 - 13:47 (00:00)
    boxer ssh:notty 140.121.101.201 Fri Jan 2 13:42 - 13:42 (00:00)
    bond ssh:notty 140.121.101.201 Fri Jan 2 13:38 - 13:38 (00:00)
    bob ssh:notty 140.121.101.201 Fri Jan 2 13:33 - 13:33 (00:00)
    blue ssh:notty 140.121.101.201 Fri Jan 2 13:29 - 13:29 (00:00)
    blond ssh:notty 140.121.101.201 Fri Jan 2 13:24 - 13:24 (00:00)
    blacks ssh:notty 140.121.101.201 Fri Jan 2 13:19 - 13:19 (00:00)
    bitch ssh:notty 140.121.101.201 Fri Jan 2 13:15 - 13:15 (00:00)
    bishop ssh:notty 140.121.101.201 Fri Jan 2 13:10 - 13:10 (00:00)
    bill ssh:notty 140.121.101.201 Fri Jan 2 13:01 - 13:01 (00:00)
    bids ssh:notty 140.121.101.201 Fri Jan 2 12:57 - 12:57 (00:00)
    bicamera ssh:notty 140.121.101.201 Fri Jan 2 12:52 - 12:52 (00:00)
    bf ssh:notty 140.121.101.201 Fri Jan 2 12:48 - 12:48 (00:00)
    beverly ssh:notty 140.121.101.201 Fri Jan 2 12:43 - 12:43 (00:00)
    betty ssh:notty 140.121.101.201 Fri Jan 2 12:39 - 12:39 (00:00)
    betsie ssh:notty 140.121.101.201 Fri Jan 2 12:34 - 12:34 (00:00)
    beth ssh:notty 140.121.101.201 Fri Jan 2 12:30 - 12:30 (00:00)
    beta ssh:notty 140.121.101.201 Fri Jan 2 12:25 - 12:25 (00:00)
    beryl ssh:notty 140.121.101.201 Fri Jan 2 12:21 - 12:21 (00:00)
    berliner ssh:notty 140.121.101.201 Fri Jan 2 12:16 - 12:16 (00:00)
    berlin ssh:notty 140.121.101.201 Fri Jan 2 12:12 - 12:12 (00:00)
    berkly ssh:notty 140.121.101.201 Fri Jan 2 12:07 - 12:07 (00:00)
    berkeley ssh:notty 140.121.101.201 Fri Jan 2 12:02 - 12:02 (00:00)
    beowulf ssh:notty 140.121.101.201 Fri Jan 2 11:58 - 11:58 (00:00)
    benz ssh:notty 140.121.101.201 Fri Jan 2 11:53 - 11:53 (00:00)
    benjamin ssh:notty 140.121.101.201 Fri Jan 2 11:49 - 11:49 (00:00)
    ben ssh:notty 140.121.101.201 Fri Jan 2 11:44 - 11:44 (00:00)
    beloved ssh:notty 140.121.101.201 Fri Jan 2 11:40 - 11:40 (00:00)
    beethove ssh:notty 140.121.101.201 Fri Jan 2 11:35 - 11:35 (00:00)
    beer ssh:notty 140.121.101.201 Fri Jan 2 11:31 - 11:31 (00:00)
    becky ssh:notty 140.121.101.201 Fri Jan 2 11:26 - 11:26 (00:00)
    beaver ssh:notty 140.121.101.201 Fri Jan 2 11:22 - 11:22 (00:00)
    beauty ssh:notty 140.121.101.201 Fri Jan 2 11:17 - 11:17 (00:00)
    beater ssh:notty 140.121.101.201 Fri Jan 2 11:12 - 11:12 (00:00)
    bear ssh:notty 140.121.101.201 Fri Jan 2 11:08 - 11:08 (00:00)
    beach ssh:notty 140.121.101.201 Fri Jan 2 11:03 - 11:03 (00:00)
    b ssh:notty 140.121.101.201 Fri Jan 2 10:59 - 10:59 (00:00)
    batt ssh:notty 140.121.101.201 Fri Jan 2 10:55 - 10:55 (00:00)
    batman ssh:notty 140.121.101.201 Fri Jan 2 10:50 - 10:50 (00:00)
    batch ssh:notty 140.121.101.201 Fri Jan 2 10:45 - 10:45 (00:00)
    bassoon ssh:notty 140.121.101.201 Fri Jan 2 10:41 - 10:41 (00:00)
    bass ssh:notty 140.121.101.201 Fri Jan 2 10:36 - 10:36 (00:00)
    basic ssh:notty 140.121.101.201 Fri Jan 2 10:32 - 10:32 (00:00)
    bartman ssh:notty 140.121.101.201 Fri Jan 2 10:27 - 10:27 (00:00)
    baritone ssh:notty 140.121.101.201 Fri Jan 2 10:23 - 10:23 (00:00)
    barber ssh:notty 140.121.101.201 Fri Jan 2 10:18 - 10:18 (00:00)
    barbara ssh:notty 140.121.101.201 Fri Jan 2 10:14 - 10:14 (00:00)
    banks ssh:notty 140.121.101.201 Fri Jan 2 10:09 - 10:09 (00:00)
    bandit ssh:notty 140.121.101.201 Fri Jan 2 10:04 - 10:04 (00:00)
    bananas ssh:notty 140.121.101.201 Fri Jan 2 10:00 - 10:00 (00:00)
    banana ssh:notty 140.121.101.201 Fri Jan 2 09:55 - 09:55 (00:00)
    balan ssh:notty 140.121.101.201 Fri Jan 2 09:51 - 09:51 (00:00)
    bailey ssh:notty 140.121.101.201 Fri Jan 2 09:46 - 09:46 (00:00)
    badass ssh:notty 140.121.101.201 Fri Jan 2 09:42 - 09:42 (00:00)
    bacchus ssh:notty 140.121.101.201 Fri Jan 2 09:37 - 09:37 (00:00)
    b ssh:notty 140.121.101.201 Fri Jan 2 09:33 - 09:33 (00:00)
    azure ssh:notty 140.121.101.201 Fri Jan 2 09:28 - 09:28 (00:00)
    athena ssh:notty 140.121.101.201 Fri Jan 2 09:24 - 09:24 (00:00)
    asshole ssh:notty 140.121.101.201 Fri Jan 2 09:19 - 09:19 (00:00)
    asm ssh:notty 140.121.101.201 Fri Jan 2 09:15 - 09:15 (00:00)
    ashley ssh:notty 140.121.101.201 Fri Jan 2 09:10 - 09:10 (00:00)
    asd ssh:notty 140.121.101.201 Fri Jan 2 09:06 - 09:06 (00:00)
    arthur ssh:notty 140.121.101.201 Fri Jan 2 09:01 - 09:01 (00:00)
    arrow ssh:notty 140.121.101.201 Fri Jan 2 08:57 - 08:57 (00:00)
    armando ssh:notty 140.121.101.201 Fri Jan 2 08:52 - 08:52 (00:00)
    arlene ssh:notty 140.121.101.201 Fri Jan 2 08:48 - 08:48 (00:00)
    ariadne ssh:notty 140.121.101.201 Fri Jan 2 08:43 - 08:43 (00:00)
    aria ssh:notty 140.121.101.201 Fri Jan 2 08:39 - 08:39 (00:00)
    april ssh:notty 140.121.101.201 Fri Jan 2 08:34 - 08:34 (00:00)
    apache ssh:notty 140.121.101.201 Fri Jan 2 08:30 - 08:30 (00:00)
    annette ssh:notty 140.121.101.201 Fri Jan 2 08:25 - 08:25 (00:00)
    anne ssh:notty 140.121.101.201 Fri Jan 2 08:21 - 08:21 (00:00)
    anna ssh:notty 140.121.101.201 Fri Jan 2 08:16 - 08:16 (00:00)
    ann ssh:notty 140.121.101.201 Fri Jan 2 08:12 - 08:12 (00:00)
    anita ssh:notty 140.121.101.201 Fri Jan 2 08:08 - 08:08 (00:00)
    angie ssh:notty 140.121.101.201 Fri Jan 2 08:03 - 08:03 (00:00)
    angerine ssh:notty 140.121.101.201 Fri Jan 2 07:59 - 07:59 (00:00)
    angela ssh:notty 140.121.101.201 Fri Jan 2 07:54 - 07:54 (00:00)
    ane ssh:notty 140.121.101.201 Fri Jan 2 07:50 - 07:50 (00:00)
    andy ssh:notty 140.121.101.201 Fri Jan 2 07:45 - 07:45 (00:00)
    andromac ssh:notty 140.121.101.201 Fri Jan 2 07:41 - 07:41 (00:00)
    andrew ssh:notty 140.121.101.201 Fri Jan 2 07:36 - 07:36 (00:00)
    andreg ssh:notty 140.121.101.201 Fri Jan 2 07:32 - 07:32 (00:00)
    andrea ssh:notty 140.121.101.201 Fri Jan 2 07:27 - 07:27 (00:00)
    andre ssh:notty 140.121.101.201 Fri Jan 2 07:23 - 07:23 (00:00)
    andersen ssh:notty 140.121.101.201 Fri Jan 2 07:19 - 07:19 (00:00)
    anchor ssh:notty 140.121.101.201 Fri Jan 2 07:14 - 07:14 (00:00)
    an ssh:notty 140.121.101.201 Fri Jan 2 07:10 - 07:10 (00:00)
    analog ssh:notty 140.121.101.201 Fri Jan 2 07:05 - 07:05 (00:00)
    anallise ssh:notty 140.121.101.201 Fri Jan 2 07:01 - 07:01 (00:00)
    anallese ssh:notty 140.121.101.201 Fri Jan 2 06:56 - 06:56 (00:00)
    analise ssh:notty 140.121.101.201 Fri Jan 2 06:52 - 06:52 (00:00)
    analiese ssh:notty 140.121.101.201 Fri Jan 2 06:47 - 06:47 (00:00)
    anabelle ssh:notty 140.121.101.201 Fri Jan 2 06:42 - 06:42 (00:00)
    anabella ssh:notty 140.121.101.201 Fri Jan 2 06:38 - 06:38 (00:00)
    anabel ssh:notty 140.121.101.201 Fri Jan 2 06:33 - 06:33 (00:00)
    33 条回复    2015-01-26 19:46:02 +08:00
    aru
        1
    aru  
       2015-01-05 15:07:07 +08:00
    换个端口
    Blask
        2
    Blask  
       2015-01-05 15:08:12 +08:00
    楼上正解
    aru
        3
    aru  
       2015-01-05 15:08:23 +08:00
    已经足够了,除非sshd 爆出其他的安全漏洞,否则别人无法通过ssh进来
    c0878
        4
    c0878  
       2015-01-05 15:09:34 +08:00
    只要公网开了22就会被人一直尝试的 自己安全做好就行 忽略之
    besto
        5
    besto  
       2015-01-05 15:10:38 +08:00
    怎么能允许root登录。另外key一定也要密码,切记。另外ssh 不用每次都-p。
    unfurl
        6
    unfurl  
       2015-01-05 15:12:58 +08:00
    装个denyhost
    cattyhouse
        7
    cattyhouse  
    OP
       2015-01-05 15:15:50 +08:00 via iPhone   ❤️ 1
    @besto 换端口了,就要加-p参数。ssh不光是用来登陆,换端口的话rsync,mosh都需要指定端口。
    xenme
        8
    xenme  
       2015-01-05 15:17:04 +08:00
    很正常,我家里路由器,天天都有人来扫弱口令~~
    21grams
        9
    21grams  
       2015-01-05 15:20:25 +08:00
    装个fail2ban,连配都不用配,默认拉黑六次密码错的ip。
    halfbloodrock
        10
    halfbloodrock  
       2015-01-05 15:25:24 +08:00
    @cattyhouse ssh 可以在.ssh/config 里定义下端口,免去每次输入痛苦。
    besto
        11
    besto  
       2015-01-05 15:28:25 +08:00
    @cattyhouse 你可以配.ssh/config
    avichen
        12
    avichen  
       2015-01-05 15:36:52 +08:00
    你可以试试denyhosts,自动屏蔽非法用户连接sshd。
    geeklian
        13
    geeklian  
       2015-01-05 15:51:50 +08:00 via iPhone
    @21grams
    顶fail2ban

    正式登陆,并不就是万无一失了,你的VPS还有可能被日志塞满.(@.@)
    novaeyoucom
        14
    novaeyoucom  
       2015-01-05 16:36:16 +08:00
    用denyhosts, 这是都是机器人自动扫描,
    henices
        15
    henices  
       2015-01-05 17:03:33 +08:00
    请使用证书认证,禁用密码认证
    BOYPT
        16
    BOYPT  
       2015-01-05 17:27:58 +08:00
    扫就扫呗,关密码登录他又不可能进来。
    niklaus520
        17
    niklaus520  
       2015-01-05 17:36:00 +08:00
    xshell保存一下配置呗,自己电脑直接双击登录,有啥麻烦的
    uuspider
        18
    uuspider  
       2015-01-05 17:41:57 +08:00
    换了端口能省很多事,ssh也可以改掉默认端口
    nerowu2010
        19
    nerowu2010  
       2015-01-05 18:22:03 +08:00
    @besto 正解!
    maemual
        20
    maemual  
       2015-01-05 18:28:10 +08:00
    换个端口,然后在本地.ssh/config里加一下配置不就好了么。
    msg7086
        21
    msg7086  
       2015-01-05 20:47:58 +08:00 via iPhone
    为何要用log来spam 论坛…
    gangsta
        22
    gangsta  
       2015-01-05 21:12:59 +08:00 via iPhone
    不常见端口+fail2ban
    bellchu
        23
    bellchu  
       2015-01-05 21:19:21 +08:00
    passwd -d root

    然后就可以安心的睡了
    intosec
        24
    intosec  
       2015-01-05 21:40:01 +08:00 via Android
    太正常了,昨天刷ros测试,ros初始是没有防火墙规则的。刚把pppoe配好才拨上号,日志里就发现有ip在爆破ssh。一度让我怀疑国内流行的几个xx版ros镜像是不是都带后门。。。
    Chipper
        25
    Chipper  
       2015-01-05 21:42:11 +08:00
    在 vps中安装一个denyhosts
    oxoxoxox
        26
    oxoxoxox  
       2015-01-05 22:32:18 +08:00
    换五位数的端口 + fail2ban
    如果VPS很重要,那就再禁止root登录,然后再禁掉password登录转而用key
    oxoxoxox
        27
    oxoxoxox  
       2015-01-05 22:34:31 +08:00
    登录的话用SecureCRT保存一下ssh配置,用起来也还是蛮方便的
    不过这貌似比加-p参数还多几步
    boogiefer
        28
    boogiefer  
       2015-01-06 00:28:34 +08:00
    推荐25#的方法,我也是用denyhosts。
    BUPTGuo
        29
    BUPTGuo  
       2015-01-06 00:49:04 +08:00
    22端口应该是有一些工具去扫的吧,换端口管用,denyhosts也挺好。我换了端口之后,denyhosts就没再增加过ip了
    lujiajing1126
        30
    lujiajing1126  
       2015-01-06 11:55:36 +08:00
    再正常不过了。。。。。。。一般都会ssh攻击root
    先ssh禁用root,再禁止root从shell登陆
    ```
    sudo passwd -dl root
    ```
    似乎是这样,不能有-e因为root可能还需要运行crontab
    然后denyhosts是基本原理,你可以用fail2ban这类的工具
    以前我直接用python写了一个扫日志的。。自动加到denyhosts
    darksheen
        31
    darksheen  
       2015-01-06 15:38:50 +08:00
    我在linode的vps每天也有1万多次root登录尝试,直接禁用root登录就没事了
    sangsir
        32
    sangsir  
       2015-01-07 09:50:02 +08:00
    不常见端口+fail2ban,+1
    tomaer
        33
    tomaer  
       2015-01-26 19:46:02 +08:00
    iptables中加上只允许你的ip段访问22端口~最简单的方法.
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   967 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 37ms · UTC 22:52 · PVG 06:52 · LAX 14:52 · JFK 17:52
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.