SSH port change

How to change the Hestia SSH port address?

1 Like

You can change it using this:

nano /etc/ssh/sshd_config
systemctl restart sshd.service

Don't forget to add your new SSH port to the firewall.

I don’t think it is the right way to protect your server because hackers spam open ports. I have changed the SSH port and discovered after several months that hackers launched brute force attacks on the new port 2022.

So, then, I went back to port 22 and I did the following:

Disable password authentication only if you know that your pubkeys are working. Keep your id_rsa files in safe places.

  • I have increased fail2ban power by switching to mode=aggressive.
    Fail2ban stopped banning IP after disabling password auth. for SSH
    With my current fail2ban config, the IP address of the hacker gets banned after 2 attempts. So, they try to connect to my server using password authentication. They get kicked out quickly, they try several times and that’s it, they are out.

[ssh-iptables]
enabled = true
filter = sshd[mode=aggressive]
action = hestia[name=SSH]
logpath = /var/log/auth.log
maxretry = 2
findtime = 864000
bantime = 864000

Description: if an attacker tries to log in twice within 10 days (findtime=864000 seconds), then the IP address is banned for 10 days (bantime=864000 seconds).

If your own IP gets banned, you can unban it via the Hestia admin panel in the firewall section.

1 Like
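
A pre-restart check for the steps discussed in this thread (changing the port, disabling password authentication), as an added example that is not part of the original posts. It reads settings in the "keyword value" format printed by `sshd -T`; the function names and both sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit effective sshd settings before restarting the service.
# Reads "keyword value" lines as printed by `sshd -T` on stdin.
# Exit status is 0 only when key-based login is on and password logins are off.
audit_sshd() {
    awk '
        { v[$1] = $2 }                                        # last value per keyword
        $1 == "port" { ports = ports (ports ? "," : "") $2 }  # one line per listening port
        END {
            bad = 0
            printf "INFO port=%s\n", (ports ? ports : "unknown")
            if (v["pubkeyauthentication"] != "yes") {
                print "FAIL pubkeyauthentication is not yes"; bad = 1
            }
            if (v["passwordauthentication"] != "no") {
                print "FAIL passwordauthentication is not no"; bad = 1
            }
            # Keyboard-interactive can still ask for a password through PAM.
            # Older OpenSSH releases print it as challengeresponseauthentication.
            if (v["kbdinteractiveauthentication"] == "yes" ||
                v["challengeresponseauthentication"] == "yes") {
                print "FAIL keyboard-interactive authentication is enabled"; bad = 1
            }
            exit bad
        }'
}

# Constructed sample: key-only login on the default port.
sample_hardened() {
    printf '%s\n' 'port 22' 'pubkeyauthentication yes' \
        'passwordauthentication no' 'kbdinteractiveauthentication no'
}

# Constructed sample: port moved to 2022, but passwords are still accepted.
sample_port_only() {
    printf '%s\n' 'port 2022' 'pubkeyauthentication yes' \
        'passwordauthentication yes' 'kbdinteractiveauthentication no'
}

echo "--- hardened"; sample_hardened | audit_sshd
echo "--- port change only"
sample_port_only | audit_sshd || echo "not ready: fix the FAIL lines before restarting"

# On a real server (as root): check syntax, audit, and only then restart.
#   sshd -t && sshd -T | audit_sshd && systemctl restart sshd.service
```

Keep an existing SSH session open while restarting, and confirm a key-based login in a second session before closing it.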