Using (private/public) keys to restrict access is definitely the best way to secure access to a server via SSH.
However it can be abit of pain if multiple people need access and they aren’t that tech savvy.
Another way to secure SSH but not have to worry about keys is by limiting the login attempts and banning a user’s IP address, if they make too many tries in x time period ( i.e. if they try a brute force password attack on you).
One tool for doing this is fail2ban .
Here’s the process:
# if epel not installed ( run below to install it )
sudo yum install epel-release
sudo yum install fail2ban
sudo systemctl enable fail2ban
sudo vi /etc/fail2ban/jail.local
#Paste in this to above file:
# Ban hosts for one hour:
bantime = 3600
enabled = true
# restart it
sudo systemctl restart fail2ban
# check it
sudo fail2ban-client status
# Test I get banned ! on web server ( try login multiple times 5 fails to BAN)
# check this log , to check if I banned
To check fail2ban is working and banning IPs
A handy way for checking if your banned is try to login via SSH until your banned ( will say ‘connection refused’ ).
Then check what your IP (of machine your sat at ), probably as easy as any is use something like whatsmyiup’s site
Get another IP ( if you have a phone and hotspot function connect to that and it will give you a new IP ).
Login to ssh ( as you phone IP won’t be banned ), and look in this file for your old banned IP /var/log/fail2ban.log
Disclaimer: All content on this site, is use at your own risk (Always backup before changing anything in your software/database/servers etc). Techs change, go out of date etc...
I/we accept no liability if anything you use on this site adversely affects you.