每天都有人试图 ssh 我的 VPS, - V2EX
首页 注册 登录
V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
Distributions
Ubuntu
Fedora
CentOS
中文资源站
网易开源镜像站
cattyhouse
V2EX    Linux

每天都有人试图 ssh 我的 VPS,

  •   
  •   cattyhouse 2015-01-05 15:02:21 +08:00 12168 次点击
    这是一个创建于 3934 天前的主题,其中的信息可能已经有所发展或是发生改变。
    已经对sshd_config做了一些设置
    1, 只允许用key登陆,不允许用密码登录,不允许空密码
    2,设置了Allowusers 为当前用户和root,理论上其他用户无法ssh进来.

    端口还是22. 不想改了,不然每次ssh进去都要写 -p参数,麻烦。这些设置够了吗?
    以下是lastb输出部分结果:

    admin ssh:notty 122.225.109.201 Mon Jan 5 12:36 - 12:36 (00:00)
    admin ssh:notty 122.225.97.77 Mon Jan 5 11:33 - 11:33 (00:00)
    admin ssh:notty 122.225.109.105 Mon Jan 5 08:27 - 08:27 (00:00)
    admin ssh:notty 122.225.109.105 Mon Jan 5 08:21 - 08:21 (00:00)
    admin ssh:notty 122.225.109.106 Mon Jan 5 08:14 - 08:14 (00:00)
    admin ssh:notty 122.225.109.106 Mon Jan 5 08:07 - 08:07 (00:00)
    testuser ssh:notty 135.109.206.35 Mon Jan 5 07:04 - 07:04 (00:00)
    postgres ssh:notty 135.109.206.35 Mon Jan 5 07:02 - 07:02 (00:00)
    admin ssh:notty 135.109.206.35 Mon Jan 5 06:59 - 06:59 (00:00)
    sybase ssh:notty 135.109.206.35 Mon Jan 5 06:57 - 06:57 (00:00)
    mysql ssh:notty 135.109.206.35 Mon Jan 5 06:55 - 06:55 (00:00)
    default ssh:notty 135.109.206.35 Mon Jan 5 06:52 - 06:52 (00:00)
    guest ssh:notty 135.109.206.35 Mon Jan 5 06:50 - 06:50 (00:00)
    test ssh:notty 135.109.206.35 Mon Jan 5 06:48 - 06:48 (00:00)
    support ssh:notty 176.103.49.29 Mon Jan 5 06:40 - 06:40 (00:00)
    admin ssh:notty 122.225.109.99 Mon Jan 5 05:20 - 05:20 (00:00)
    admin ssh:notty 122.225.109.215 Mon Jan 5 04:28 - 04:28 (00:00)
    admin ssh:notty 122.225.109.106 Mon Jan 5 03:29 - 03:29 (00:00)
    admin ssh:notty 122.225.109.207 Mon Jan 5 02:43 - 02:43 (00:00)
    admin ssh:notty 122.225.109.207 Mon Jan 5 02:36 - 02:36 (00:00)
    admin ssh:notty 122.225.97.85 Sun Jan 4 23:09 - 23:09 (00:00)
    admin ssh:notty 122.225.97.85 Sun Jan 4 23:08 - 23:08 (00:00)
    admin ssh:notty 122.225.109.109 Sun Jan 4 22:13 - 22:13 (00:00)
    support ssh:notty 193.104.41.58 Sun Jan 4 20:28 - 20:28 (00:00)
    admin ssh:notty 218.2.0.133 Sun Jan 4 12:43 - 12:43 (00:00)
    admin ssh:notty 218.2.0.126 Sun Jan 4 12:14 - 12:14 (00:00)
    admin ssh:notty 218.2.0.125 Sun Jan 4 03:49 - 03:49 (00:00)
    admin ssh:notty 122.225.109.117 Sun Jan 4 01:05 - 01:05 (00:00)
    admin ssh:notty 122.225.109.205 Sat Jan 3 12:41 - 12:41 (00:00)
    admin ssh:notty 122.225.97.85 Sat Jan 3 12:28 - 12:28 (00:00)
    admin ssh:notty 122.225.109.211 Sat Jan 3 00:18 - 00:18 (00:00)
    danielle ssh:notty 140.121.101.201 Fri Jan 2 23:19 - 23:19 (00:00)
    daniel ssh:notty 140.121.101.201 Fri Jan 2 23:15 - 23:15 (00:00)
    dan ssh:notty 140.121.101.201 Fri Jan 2 23:10 - 23:10 (00:00)
    dancer ssh:notty 140.121.101.201 Fri Jan 2 23:06 - 23:06 (00:00)
    dana ssh:notty 140.121.101.201 Fri Jan 2 23:01 - 23:01 (00:00)
    dan ssh:notty 140.121.101.201 Fri Jan 2 22:57 - 22:57 (00:00)
    daisy ssh:notty 140.121.101.201 Fri Jan 2 22:52 - 22:52 (00:00)
    d ssh:notty 140.121.101.201 Fri Jan 2 22:43 - 22:43 (00:00)
    cynthia ssh:notty 140.121.101.201 Fri Jan 2 22:39 - 22:39 (00:00)
    customer ssh:notty 140.121.101.201 Fri Jan 2 22:34 - 22:34 (00:00)
    cshrc ssh:notty 140.121.101.201 Fri Jan 2 22:30 - 22:30 (00:00)
    cs ssh:notty 140.121.101.201 Fri Jan 2 22:25 - 22:25 (00:00)
    crystal ssh:notty 140.121.101.201 Fri Jan 2 22:21 - 22:21 (00:00)
    cristina ssh:notty 140.121.101.201 Fri Jan 2 22:16 - 22:16 (00:00)
    cristi ssh:notty 140.121.101.201 Fri Jan 2 22:12 - 22:12 (00:00)
    criminal ssh:notty 140.121.101.201 Fri Jan 2 22:07 - 22:07 (00:00)
    cretin ssh:notty 140.121.101.201 Fri Jan 2 22:03 - 22:03 (00:00)
    creosote ssh:notty 140.121.101.201 Fri Jan 2 21:58 - 21:58 (00:00)
    credit ssh:notty 140.121.101.201 Fri Jan 2 21:54 - 21:54 (00:00)
    creation ssh:notty 140.121.101.201 Fri Jan 2 21:49 - 21:49 (00:00)
    create ssh:notty 140.121.101.201 Fri Jan 2 21:45 - 21:45 (00:00)
    crcard ssh:notty 140.121.101.201 Fri Jan 2 21:40 - 21:40 (00:00)
    cpanel ssh:notty 140.121.101.201 Fri Jan 2 21:36 - 21:36 (00:00)
    cow ssh:notty 140.121.101.201 Fri Jan 2 21:32 - 21:32 (00:00)
    couscous ssh:notty 140.121.101.201 Fri Jan 2 21:27 - 21:27 (00:00)
    costel ssh:notty 140.121.101.201 Fri Jan 2 21:23 - 21:23 (00:00)
    corneliu ssh:notty 140.121.101.201 Fri Jan 2 21:18 - 21:18 (00:00)
    cooper ssh:notty 140.121.101.201 Fri Jan 2 21:14 - 21:14 (00:00)
    cool ssh:notty 140.121.101.201 Fri Jan 2 21:09 - 21:09 (00:00)
    cookie ssh:notty 140.121.101.201 Fri Jan 2 21:05 - 21:05 (00:00)
    console ssh:notty 140.121.101.201 Fri Jan 2 21:00 - 21:00 (00:00)
    connie ssh:notty 140.121.101.201 Fri Jan 2 20:56 - 20:56 (00:00)
    connect ssh:notty 140.121.101.201 Fri Jan 2 20:51 - 20:51 (00:00)
    condom ssh:notty 140.121.101.201 Fri Jan 2 20:47 - 20:47 (00:00)
    condo ssh:notty 140.121.101.201 Fri Jan 2 20:42 - 20:42 (00:00)
    comrades ssh:notty 140.121.101.201 Fri Jan 2 20:38 - 20:38 (00:00)
    comrade ssh:notty 140.121.101.201 Fri Jan 2 20:33 - 20:33 (00:00)
    computer ssh:notty 140.121.101.201 Fri Jan 2 20:29 - 20:29 (00:00)
    commrade ssh:notty 140.121.101.201 Fri Jan 2 20:24 - 20:24 (00:00)
    collins ssh:notty 140.121.101.201 Fri Jan 2 20:20 - 20:20 (00:00)
    collier ssh:notty 140.121.101.201 Fri Jan 2 20:15 - 20:15 (00:00)
    colin ssh:notty 140.121.101.201 Fri Jan 2 20:11 - 20:11 (00:00)
    cola ssh:notty 140.121.101.201 Fri Jan 2 20:06 - 20:06 (00:00)
    coke ssh:notty 140.121.101.201 Fri Jan 2 20:02 - 20:02 (00:00)
    coffee ssh:notty 140.121.101.201 Fri Jan 2 19:57 - 19:57 (00:00)
    code ssh:notty 140.121.101.201 Fri Jan 2 19:52 - 19:52 (00:00)
    coach ssh:notty 140.121.101.201 Fri Jan 2 19:48 - 19:48 (00:00)
    clusters ssh:notty 140.121.101.201 Fri Jan 2 19:43 - 19:43 (00:00)
    cluster ssh:notty 140.121.101.201 Fri Jan 2 19:39 - 19:39 (00:00)
    client ssh:notty 140.121.101.201 Fri Jan 2 19:34 - 19:34 (00:00)
    cleopatr ssh:notty 140.121.101.201 Fri Jan 2 19:30 - 19:30 (00:00)
    claudia ssh:notty 140.121.101.201 Fri Jan 2 19:25 - 19:25 (00:00)
    classic ssh:notty 140.121.101.201 Fri Jan 2 19:21 - 19:21 (00:00)
    class ssh:notty 140.121.101.201 Fri Jan 2 19:16 - 19:16 (00:00)
    clamav ssh:notty 140.121.101.201 Fri Jan 2 19:12 - 19:12 (00:00)
    cindy ssh:notty 140.121.101.201 Fri Jan 2 19:07 - 19:07 (00:00)
    christy ssh:notty 140.121.101.201 Fri Jan 2 19:03 - 19:03 (00:00)
    christin ssh:notty 140.121.101.201 Fri Jan 2 18:58 - 18:58 (00:00)
    christin ssh:notty 140.121.101.201 Fri Jan 2 18:54 - 18:54 (00:00)
    chris ssh:notty 140.121.101.201 Fri Jan 2 18:49 - 18:49 (00:00)
    chinese ssh:notty 140.121.101.201 Fri Jan 2 18:45 - 18:45 (00:00)
    chicken ssh:notty 140.121.101.201 Fri Jan 2 18:40 - 18:40 (00:00)
    chick ssh:notty 140.121.101.201 Fri Jan 2 18:36 - 18:36 (00:00)
    chester ssh:notty 140.121.101.201 Fri Jan 2 18:31 - 18:31 (00:00)
    chess ssh:notty 140.121.101.201 Fri Jan 2 18:27 - 18:27 (00:00)
    cheryl ssh:notty 140.121.101.201 Fri Jan 2 18:22 - 18:22 (00:00)
    chemistr ssh:notty 140.121.101.201 Fri Jan 2 18:18 - 18:18 (00:00)
    chem ssh:notty 140.121.101.201 Fri Jan 2 18:13 - 18:13 (00:00)
    cheese ssh:notty 140.121.101.201 Fri Jan 2 18:08 - 18:08 (00:00)
    chat ssh:notty 140.121.101.201 Fri Jan 2 18:04 - 18:04 (00:00)
    charon ssh:notty 140.121.101.201 Fri Jan 2 17:59 - 17:59 (00:00)
    charlie ssh:notty 140.121.101.201 Fri Jan 2 17:55 - 17:55 (00:00)
    charles ssh:notty 140.121.101.201 Fri Jan 2 17:50 - 17:50 (00:00)
    charity ssh:notty 140.121.101.201 Fri Jan 2 17:46 - 17:46 (00:00)
    change ssh:notty 140.121.101.201 Fri Jan 2 17:41 - 17:41 (00:00)
    cgi ssh:notty 140.121.101.201 Fri Jan 2 17:37 - 17:37 (00:00)
    cerulean ssh:notty 140.121.101.201 Fri Jan 2 17:32 - 17:32 (00:00)
    cent ssh:notty 140.121.101.201 Fri Jan 2 17:28 - 17:28 (00:00)
    celtics ssh:notty 140.121.101.201 Fri Jan 2 17:23 - 17:23 (00:00)
    cell ssh:notty 140.121.101.201 Fri Jan 2 17:19 - 17:19 (00:00)
    cecily ssh:notty 140.121.101.201 Fri Jan 2 17:14 - 17:14 (00:00)
    cdrom ssh:notty 140.121.101.201 Fri Jan 2 17:10 - 17:10 (00:00)
    c ssh:notty 140.121.101.201 Fri Jan 2 17:05 - 17:05 (00:00)
    cayuga ssh:notty 140.121.101.201 Fri Jan 2 17:01 - 17:01 (00:00)
    cathy ssh:notty 140.121.101.201 Fri Jan 2 16:56 - 16:56 (00:00)
    catherin ssh:notty 140.121.101.201 Fri Jan 2 16:52 - 16:52 (00:00)
    cat ssh:notty 140.121.101.201 Fri Jan 2 16:47 - 16:47 (00:00)
    catalin ssh:notty 140.121.101.201 Fri Jan 2 16:43 - 16:43 (00:00)
    cat ssh:notty 140.121.101.201 Fri Jan 2 16:39 - 16:39 (00:00)
    castle ssh:notty 140.121.101.201 Fri Jan 2 16:34 - 16:34 (00:00)
    cascades ssh:notty 140.121.101.201 Fri Jan 2 16:29 - 16:29 (00:00)
    carson ssh:notty 140.121.101.201 Fri Jan 2 16:25 - 16:25 (00:00)
    carrie ssh:notty 140.121.101.201 Fri Jan 2 16:21 - 16:21 (00:00)
    carolyn ssh:notty 140.121.101.201 Fri Jan 2 16:16 - 16:16 (00:00)
    caroline ssh:notty 140.121.101.201 Fri Jan 2 16:12 - 16:12 (00:00)
    carolina ssh:notty 140.121.101.201 Fri Jan 2 16:07 - 16:07 (00:00)
    carole ssh:notty 140.121.101.201 Fri Jan 2 16:03 - 16:03 (00:00)
    carol ssh:notty 140.121.101.201 Fri Jan 2 15:58 - 15:58 (00:00)
    carmen ssh:notty 140.121.101.201 Fri Jan 2 15:54 - 15:54 (00:00)
    carlos ssh:notty 140.121.101.201 Fri Jan 2 15:49 - 15:49 (00:00)
    carla ssh:notty 140.121.101.201 Fri Jan 2 15:45 - 15:45 (00:00)
    caren ssh:notty 140.121.101.201 Fri Jan 2 15:40 - 15:40 (00:00)
    cardinal ssh:notty 140.121.101.201 Fri Jan 2 15:36 - 15:36 (00:00)
    cap ssh:notty 140.121.101.201 Fri Jan 2 15:31 - 15:31 (00:00)
    cantor ssh:notty 140.121.101.201 Fri Jan 2 15:26 - 15:26 (00:00)
    candy ssh:notty 140.121.101.201 Fri Jan 2 15:22 - 15:22 (00:00)
    candi ssh:notty 140.121.101.201 Fri Jan 2 15:17 - 15:17 (00:00)
    campani ssh:notty 140.121.101.201 Fri Jan 2 15:13 - 15:13 (00:00)
    camille ssh:notty 140.121.101.201 Fri Jan 2 15:08 - 15:08 (00:00)
    calbert ssh:notty 140.121.101.201 Fri Jan 2 15:04 - 15:04 (00:00)
    caesar ssh:notty 140.121.101.201 Fri Jan 2 14:59 - 14:59 (00:00)
    cad ssh:notty 140.121.101.201 Fri Jan 2 14:55 - 14:55 (00:00)
    c ssh:notty 140.121.101.201 Fri Jan 2 14:50 - 14:50 (00:00)
    burgess ssh:notty 140.121.101.201 Fri Jan 2 14:46 - 14:46 (00:00)
    bunny ssh:notty 140.121.101.201 Fri Jan 2 14:41 - 14:41 (00:00)
    bumbling ssh:notty 140.121.101.201 Fri Jan 2 14:37 - 14:37 (00:00)
    budha ssh:notty 140.121.101.201 Fri Jan 2 14:32 - 14:32 (00:00)
    bsd ssh:notty 140.121.101.201 Fri Jan 2 14:28 - 14:28 (00:00)
    bruce ssh:notty 140.121.101.201 Fri Jan 2 14:23 - 14:23 (00:00)
    broadway ssh:notty 140.121.101.201 Fri Jan 2 14:18 - 14:18 (00:00)
    britney ssh:notty 140.121.101.201 Fri Jan 2 14:14 - 14:14 (00:00)
    bridget ssh:notty 140.121.101.201 Fri Jan 2 14:09 - 14:09 (00:00)
    brian ssh:notty 140.121.101.201 Fri Jan 2 14:05 - 14:05 (00:00)
    brenda ssh:notty 140.121.101.201 Fri Jan 2 14:00 - 14:00 (00:00)
    brandy ssh:notty 140.121.101.201 Fri Jan 2 13:56 - 13:56 (00:00)
    brandi ssh:notty 140.121.101.201 Fri Jan 2 13:51 - 13:51 (00:00)
    bradley ssh:notty 140.121.101.201 Fri Jan 2 13:47 - 13:47 (00:00)
    boxer ssh:notty 140.121.101.201 Fri Jan 2 13:42 - 13:42 (00:00)
    bond ssh:notty 140.121.101.201 Fri Jan 2 13:38 - 13:38 (00:00)
    bob ssh:notty 140.121.101.201 Fri Jan 2 13:33 - 13:33 (00:00)
    blue ssh:notty 140.121.101.201 Fri Jan 2 13:29 - 13:29 (00:00)
    blond ssh:notty 140.121.101.201 Fri Jan 2 13:24 - 13:24 (00:00)
    blacks ssh:notty 140.121.101.201 Fri Jan 2 13:19 - 13:19 (00:00)
    bitch ssh:notty 140.121.101.201 Fri Jan 2 13:15 - 13:15 (00:00)
    bishop ssh:notty 140.121.101.201 Fri Jan 2 13:10 - 13:10 (00:00)
    bill ssh:notty 140.121.101.201 Fri Jan 2 13:01 - 13:01 (00:00)
    bids ssh:notty 140.121.101.201 Fri Jan 2 12:57 - 12:57 (00:00)
    bicamera ssh:notty 140.121.101.201 Fri Jan 2 12:52 - 12:52 (00:00)
    bf ssh:notty 140.121.101.201 Fri Jan 2 12:48 - 12:48 (00:00)
    beverly ssh:notty 140.121.101.201 Fri Jan 2 12:43 - 12:43 (00:00)
    betty ssh:notty 140.121.101.201 Fri Jan 2 12:39 - 12:39 (00:00)
    betsie ssh:notty 140.121.101.201 Fri Jan 2 12:34 - 12:34 (00:00)
    beth ssh:notty 140.121.101.201 Fri Jan 2 12:30 - 12:30 (00:00)
    beta ssh:notty 140.121.101.201 Fri Jan 2 12:25 - 12:25 (00:00)
    beryl ssh:notty 140.121.101.201 Fri Jan 2 12:21 - 12:21 (00:00)
    berliner ssh:notty 140.121.101.201 Fri Jan 2 12:16 - 12:16 (00:00)
    berlin ssh:notty 140.121.101.201 Fri Jan 2 12:12 - 12:12 (00:00)
    berkly ssh:notty 140.121.101.201 Fri Jan 2 12:07 - 12:07 (00:00)
    berkeley ssh:notty 140.121.101.201 Fri Jan 2 12:02 - 12:02 (00:00)
    beowulf ssh:notty 140.121.101.201 Fri Jan 2 11:58 - 11:58 (00:00)
    benz ssh:notty 140.121.101.201 Fri Jan 2 11:53 - 11:53 (00:00)
    benjamin ssh:notty 140.121.101.201 Fri Jan 2 11:49 - 11:49 (00:00)
    ben ssh:notty 140.121.101.201 Fri Jan 2 11:44 - 11:44 (00:00)
    beloved ssh:notty 140.121.101.201 Fri Jan 2 11:40 - 11:40 (00:00)
    beethove ssh:notty 140.121.101.201 Fri Jan 2 11:35 - 11:35 (00:00)
    beer ssh:notty 140.121.101.201 Fri Jan 2 11:31 - 11:31 (00:00)
    becky ssh:notty 140.121.101.201 Fri Jan 2 11:26 - 11:26 (00:00)
    beaver ssh:notty 140.121.101.201 Fri Jan 2 11:22 - 11:22 (00:00)
    beauty ssh:notty 140.121.101.201 Fri Jan 2 11:17 - 11:17 (00:00)
    beater ssh:notty 140.121.101.201 Fri Jan 2 11:12 - 11:12 (00:00)
    bear ssh:notty 140.121.101.201 Fri Jan 2 11:08 - 11:08 (00:00)
    beach ssh:notty 140.121.101.201 Fri Jan 2 11:03 - 11:03 (00:00)
    b ssh:notty 140.121.101.201 Fri Jan 2 10:59 - 10:59 (00:00)
    batt ssh:notty 140.121.101.201 Fri Jan 2 10:55 - 10:55 (00:00)
    batman ssh:notty 140.121.101.201 Fri Jan 2 10:50 - 10:50 (00:00)
    batch ssh:notty 140.121.101.201 Fri Jan 2 10:45 - 10:45 (00:00)
    bassoon ssh:notty 140.121.101.201 Fri Jan 2 10:41 - 10:41 (00:00)
    bass ssh:notty 140.121.101.201 Fri Jan 2 10:36 - 10:36 (00:00)
    basic ssh:notty 140.121.101.201 Fri Jan 2 10:32 - 10:32 (00:00)
    bartman ssh:notty 140.121.101.201 Fri Jan 2 10:27 - 10:27 (00:00)
    baritone ssh:notty 140.121.101.201 Fri Jan 2 10:23 - 10:23 (00:00)
    barber ssh:notty 140.121.101.201 Fri Jan 2 10:18 - 10:18 (00:00)
    barbara ssh:notty 140.121.101.201 Fri Jan 2 10:14 - 10:14 (00:00)
    banks ssh:notty 140.121.101.201 Fri Jan 2 10:09 - 10:09 (00:00)
    bandit ssh:notty 140.121.101.201 Fri Jan 2 10:04 - 10:04 (00:00)
    bananas ssh:notty 140.121.101.201 Fri Jan 2 10:00 - 10:00 (00:00)
    banana ssh:notty 140.121.101.201 Fri Jan 2 09:55 - 09:55 (00:00)
    balan ssh:notty 140.121.101.201 Fri Jan 2 09:51 - 09:51 (00:00)
    bailey ssh:notty 140.121.101.201 Fri Jan 2 09:46 - 09:46 (00:00)
    badass ssh:notty 140.121.101.201 Fri Jan 2 09:42 - 09:42 (00:00)
    bacchus ssh:notty 140.121.101.201 Fri Jan 2 09:37 - 09:37 (00:00)
    b ssh:notty 140.121.101.201 Fri Jan 2 09:33 - 09:33 (00:00)
    azure ssh:notty 140.121.101.201 Fri Jan 2 09:28 - 09:28 (00:00)
    athena ssh:notty 140.121.101.201 Fri Jan 2 09:24 - 09:24 (00:00)
    asshole ssh:notty 140.121.101.201 Fri Jan 2 09:19 - 09:19 (00:00)
    asm ssh:notty 140.121.101.201 Fri Jan 2 09:15 - 09:15 (00:00)
    ashley ssh:notty 140.121.101.201 Fri Jan 2 09:10 - 09:10 (00:00)
    asd ssh:notty 140.121.101.201 Fri Jan 2 09:06 - 09:06 (00:00)
    arthur ssh:notty 140.121.101.201 Fri Jan 2 09:01 - 09:01 (00:00)
    arrow ssh:notty 140.121.101.201 Fri Jan 2 08:57 - 08:57 (00:00)
    armando ssh:notty 140.121.101.201 Fri Jan 2 08:52 - 08:52 (00:00)
    arlene ssh:notty 140.121.101.201 Fri Jan 2 08:48 - 08:48 (00:00)
    ariadne ssh:notty 140.121.101.201 Fri Jan 2 08:43 - 08:43 (00:00)
    aria ssh:notty 140.121.101.201 Fri Jan 2 08:39 - 08:39 (00:00)
    april ssh:notty 140.121.101.201 Fri Jan 2 08:34 - 08:34 (00:00)
    apache ssh:notty 140.121.101.201 Fri Jan 2 08:30 - 08:30 (00:00)
    annette ssh:notty 140.121.101.201 Fri Jan 2 08:25 - 08:25 (00:00)
    anne ssh:notty 140.121.101.201 Fri Jan 2 08:21 - 08:21 (00:00)
    anna ssh:notty 140.121.101.201 Fri Jan 2 08:16 - 08:16 (00:00)
    ann ssh:notty 140.121.101.201 Fri Jan 2 08:12 - 08:12 (00:00)
    anita ssh:notty 140.121.101.201 Fri Jan 2 08:08 - 08:08 (00:00)
    angie ssh:notty 140.121.101.201 Fri Jan 2 08:03 - 08:03 (00:00)
    angerine ssh:notty 140.121.101.201 Fri Jan 2 07:59 - 07:59 (00:00)
    angela ssh:notty 140.121.101.201 Fri Jan 2 07:54 - 07:54 (00:00)
    ane ssh:notty 140.121.101.201 Fri Jan 2 07:50 - 07:50 (00:00)
    andy ssh:notty 140.121.101.201 Fri Jan 2 07:45 - 07:45 (00:00)
    andromac ssh:notty 140.121.101.201 Fri Jan 2 07:41 - 07:41 (00:00)
    andrew ssh:notty 140.121.101.201 Fri Jan 2 07:36 - 07:36 (00:00)
    andreg ssh:notty 140.121.101.201 Fri Jan 2 07:32 - 07:32 (00:00)
    andrea ssh:notty 140.121.101.201 Fri Jan 2 07:27 - 07:27 (00:00)
    andre ssh:notty 140.121.101.201 Fri Jan 2 07:23 - 07:23 (00:00)
    andersen ssh:notty 140.121.101.201 Fri Jan 2 07:19 - 07:19 (00:00)
    anchor ssh:notty 140.121.101.201 Fri Jan 2 07:14 - 07:14 (00:00)
    an ssh:notty 140.121.101.201 Fri Jan 2 07:10 - 07:10 (00:00)
    analog ssh:notty 140.121.101.201 Fri Jan 2 07:05 - 07:05 (00:00)
    anallise ssh:notty 140.121.101.201 Fri Jan 2 07:01 - 07:01 (00:00)
    anallese ssh:notty 140.121.101.201 Fri Jan 2 06:56 - 06:56 (00:00)
    analise ssh:notty 140.121.101.201 Fri Jan 2 06:52 - 06:52 (00:00)
    analiese ssh:notty 140.121.101.201 Fri Jan 2 06:47 - 06:47 (00:00)
    anabelle ssh:notty 140.121.101.201 Fri Jan 2 06:42 - 06:42 (00:00)
    anabella ssh:notty 140.121.101.201 Fri Jan 2 06:38 - 06:38 (00:00)
    anabel ssh:notty 140.121.101.201 Fri Jan 2 06:33 - 06:33 (00:00)
  • fri
  • Jan
  • admin
    33 条回复    2015-01-26 19:46:02 +08:00
    aru
        1
    aru  
       2015-01-05 15:07:07 +08:00
    换个端口
    Blask
        2
    Blask  
       2015-01-05 15:08:12 +08:00
    楼上正解
    aru
        3
    aru  
       2015-01-05 15:08:23 +08:00
    已经足够了,除非sshd 爆出其他的安全漏洞,否则别人无法通过ssh进来
    c0878
        4
    c0878  
       2015-01-05 15:09:34 +08:00
    只要公网开了22就会被人一直尝试的 自己安全做好就行 忽略之
    besto
        5
    besto  
       2015-01-05 15:10:38 +08:00
    怎么能允许root登录。另外key一定也要密码,切记。另外ssh 不用每次都-p。
    unfurl
        6
    unfurl  
       2015-01-05 15:12:58 +08:00
    装个denyhost
    cattyhouse
        7
    cattyhouse  
    OP
       2015-01-05 15:15:50 +08:00 via iPhone   1
    @besto 换端口了,就要加-p参数。ssh不光是用来登陆,换端口的话rsync,mosh都需要指定端口。
    xenme
        8
    xenme  
       2015-01-05 15:17:04 +08:00
    很正常,我家里路由器,天天都有人来扫弱口令~~
    21grams
        9
    21grams  
       2015-01-05 15:20:25 +08:00
    装个fail2ban,连配都不用配,默认拉黑六次密码错的ip。
    halfbloodrock
        10
    halfbloodrock  
       2015-01-05 15:25:24 +08:00
    @cattyhouse ssh 可以在.ssh/config 里定义下端口,免去每次输入痛苦。
    besto
        11
    besto  
       2015-01-05 15:28:25 +08:00
    @cattyhouse 你可以配.ssh/config
        12
    avichen  
       2015-01-05 15:36:52 +08:00
    你可以试试denyhosts,自动屏蔽非法用户连接sshd。
    geeklian
        13
    geeklian  
       2015-01-05 15:51:50 +08:00 via iPhone
    @21grams
    顶fail2ban

    正式登陆,并不就是万无一失了,你的VPS还有可能被日志塞满.(@.@)
    novaeyoucom
        14
    novaeyoucom  
       2015-01-05 16:36:16 +08:00
    用denyhosts, 这是都是机器人自动扫描,
    henices
        15
    henices  
       2015-01-05 17:03:33 +08:00
    请使用证书认证,禁用密码认证
    BOYPT
        16
    BOYPT  
       2015-01-05 17:27:58 +08:00
    扫就扫呗,关密码登录他又不可能进来。
    niklaus520
        17
    niklaus520  
       2015-01-05 17:36:00 +08:00
    xshell保存一下配置呗,自己电脑直接双击登录,有啥麻烦的
    uuspider
        18
    uuspider  
       2015-01-05 17:41:57 +08:00
    换了端口能省很多事,ssh也可以改掉默认端口
    nerowu2010
        19
    nerowu2010  
       2015-01-05 18:22:03 +08:00
    @besto 正解!
    maemual
        20
    maemual  
       2015-01-05 18:28:10 +08:00
    换个端口,然后在本地.ssh/config里加一下配置不就好了么。
    msg7086
        21
    msg7086  
       2015-01-05 20:47:58 +08:00 via iPhone
    为何要用log来spam 论坛…
    gangsta
        22
    gangsta  
       2015-01-05 21:12:59 +08:00 via iPhone
    不常见端口+fail2ban
    bellchu
        23
    bellchu  
       2015-01-05 21:19:21 +08:00
    passwd -d root

    然后就可以安心的睡了
    intosec
        24
    intosec  
       2015-01-05 21:40:01 +08:00 via Android
    太正常了,昨天刷ros测试,ros初始是没有防火墙规则的。刚把pppoe配好才拨上号,日志里就发现有ip在爆破ssh。一度让我怀疑国内流行的几个xx版ros镜像是不是都带后门。。。
    Chipper
        25
    Chipper  
       2015-01-05 21:42:11 +08:00
    在 vps中安装一个denyhosts
    oxoxoxox
        26
    oxoxoxox  
       2015-01-05 22:32:18 +08:00
    换五位数的端口 + fail2ban
    如果VPS很重要,那就再禁止root登录,然后再禁掉password登录转而用key
    oxoxoxox
        27
    oxoxoxox  
       2015-01-05 22:34:31 +08:00
    登录的话用SecureCRT保存一下ssh配置,用起来也还是蛮方便的
    不过这貌似比加-p参数还多几步
    boogiefer
        28
    boogiefer  
       2015-01-06 00:28:34 +08:00
    推荐25#的方法,我也是用denyhosts。
    BUPTGuo
        29
    BUPTGuo  
       2015-01-06 00:49:04 +08:00
    22端口应该是有一些工具去扫的吧,换端口管用,denyhosts也挺好。我换了端口之后,denyhosts就没再增加过ip了
    lujiajing1126
        30
    lujiajing1126  
       2015-01-06 11:55:36 +08:00
    再正常不过了。。。。。。。一般都会ssh攻击root
    先ssh禁用root,再禁止root从shell登陆
    ```
    sudo passwd -dl root
    ```
    似乎是这样,不能有-e因为root可能还需要运行crontab
    然后denyhosts是基本原理,你可以用fail2ban这类的工具
    以前我直接用python写了一个扫日志的。。自动加到denyhosts
    darksheen
        31
    darksheen  
       2015-01-06 15:38:50 +08:00
    我在linode的vps每天也有1万多次root登录尝试,直接禁用root登录就没事了
    sangsir
        32
    sangsir  
       2015-01-07 09:50:02 +08:00
    不常见端口+fail2ban,+1
    tomaer
        33
    tomaer  
       2015-01-26 19:46:02 +08:00
    iptables中加上只允许你的ip段访问22端口~最简单的方法.
    关于     帮助文档     自助推广系统     博客     API     FAQ     Solana     5517 人在线   最高记录 6679       Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 43ms UTC 09:04 PVG 17:04 LAX 02:04 JFK 05:04
    Do have faith in what you're doing.
    ubao snddm index pchome yahoo rakuten mypaper meadowduck bidyahoo youbao zxmzxm asda bnvcg cvbfg dfscv mmhjk xxddc yybgb zznbn ccubao uaitu acv GXCV ET GDG YH FG BCVB FJFH CBRE CBC GDG ET54 WRWR RWER WREW WRWER RWER SDG EW SF DSFSF fbbs ubao fhd dfg ewr dg df ewwr ewwr et ruyut utut dfg fgd gdfgt etg dfgt dfgd ert4 gd fgg wr 235 wer3 we vsdf sdf gdf ert xcv sdf rwer hfd dfg cvb rwf afb dfh jgh bmn lgh rty gfds cxv xcv xcs vdas fdf fgd cv sdf tert sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf sdf shasha9178 shasha9178 shasha9178 shasha9178 shasha9178 liflif2 liflif2 liflif2 liflif2 liflif2 liblib3 liblib3 liblib3 liblib3 liblib3 zhazha444 zhazha444 zhazha444 zhazha444 zhazha444 dende5 dende denden denden2 denden21 fenfen9 fenf619 fen619 fenfe9 fe619 sdf sdf sdf sdf sdf zhazh90 zhazh0 zhaa50 zha90 zh590 zho zhoz zhozh zhozho zhozho2 lislis lls95 lili95 lils5 liss9 sdf0ty987 sdft876 sdft9876 sdf09876 sd0t9876 sdf0ty98 sdf0976 sdf0ty986 sdf0ty96 sdf0t76 sdf0876 df0ty98 sf0t876 sd0ty76 sdy76 sdf76 sdf0t76 sdf0ty9 sdf0ty98 sdf0ty987 sdf0ty98 sdf6676 sdf876 sd876 sd876 sdf6 sdf6 sdf9876 sdf0t sdf06 sdf0ty9776 sdf0ty9776 sdf0ty76 sdf8876 sdf0t sd6 sdf06 s688876 sd688 sdf86