SSH Failed Login Attempts

Some Linux distributions, such as CentOS 7, will display a statistic upon logging in via SSH to alert you if there have been any failed login attempts:

There were 51 failed login attempts since the last successful login.

Unfortunately, this is considered normal. Bots are well known to scour the internet in the hope of brute forcing services such as SSH. Fortunately, there's a quick and easy solution to help protect this particular service - change the port!

The default port for Linux servers is 22, which is what such bots will typically target. 

The exact process for changing your SSH port may vary depending on your OS and configuration, however, as a general rule of thumb, open the /etc/ssh/sshd_config file, locate #Port 22 and remove the comment (#). Then, change 22 to a value of your choice (i.e. 2222) and restart SSH (typically service sshd restart will do the trick).
  • 3 Users Found This Useful
Was this answer helpful?

Related Articles

You may be familiar with ClamAV and Maldet (aka Linux Malware Detect). They're widely known as two excellent choices for identifying malware. What you may not realize, however, is that they can be...

Read More ...

On cPanel servers, you may come across the process /usr/local/cpanel/bin/mysqluserstore/usr/local/cpanel/bin/mysqluserstore creates and updates the /var/cpanel/databases/users.db and...

Read More ...

If your server is running cPanel/WHM, simply execute the below commands via SSH (as root):wget http://www.litespeedtech.com/packages/cpanel/lsws_whm_plugin_install.shsh...

Read More ...

If you're like us, you'll want your server's timezone to match your local time to make log management easier. Fortunately, this is easy to do! This guide works perfectly on servers running CentOS...

Read More ...

This nifty command allows you to built up a list of the largest files and directories:FS='/';clear;date;df -h $FS; echo "Largest Directories:"; du -hcx –max-depth=2 $FS 2>/dev/null | grep [0-9]G...

Read More ...