| 1 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 2 |
DENIED
|
moderate
|
Proxies\__CG__\App\Entity\Entry {#1591
+user: Proxies\__CG__\App\Entity\User {#2385 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1385 …}
+slug: "Have-I-successfully-blocked-ssh-logins-to-root"
+title: "Have I successfully blocked ssh logins to root?"
+url: null
+body: """
I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
\n
What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
\n
Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 20
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699784052 {#1721
date: 2023-11-12 11:14:12.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1405 …}
+votes: Doctrine\ORM\PersistentCollection {#1383 …}
+reports: Doctrine\ORM\PersistentCollection {#2393 …}
+favourites: Doctrine\ORM\PersistentCollection {#2036 …}
+notifications: Doctrine\ORM\PersistentCollection {#2013 …}
+badges: Doctrine\ORM\PersistentCollection {#2096 …}
+children: [
1 => App\Entity\EntryComment {#1554
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: Proxies\__CG__\App\Entity\EntryComment {#1565 …}
+root: Proxies\__CG__\App\Entity\EntryComment {#1686 …}
+body: """
It’s a mixed bag. Personally I wouldn’t use a non-standard port.\n
\n
Consider that port numbers under 1024 are [Privileged Ports](https://www.w3.org/Daemon/User/Installation/PrivilegedPorts.html). You would either have to make sure that no other privileged service is running on the port you want to use for SSH when using another privileged port or you need to make sure that no unprivileged program tries to use the same port as your SSH service when using a non-privileged. Overall it adds a bit of overhead and possible headaches for barely any gain.\n
\n
Fail2ban *should* work with a different port without any further configuration but it might not.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1699631376 {#1557
date: 2023-11-10 16:49:36.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@cyberwolfie@lemmy.ml"
"@starkzarn@infosec.pub"
"@siph@feddit.de"
]
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1566 …}
+votes: Doctrine\ORM\PersistentCollection {#1548 …}
+reports: Doctrine\ORM\PersistentCollection {#1550 …}
+favourites: Doctrine\ORM\PersistentCollection {#1525 …}
+notifications: Doctrine\ORM\PersistentCollection {#1527 …}
-id: 107970
-bodyTs: "'/daemon/user/installation/privilegedports.html).':27 '1024':21 'add':84 'anoth':53 'bag':5 'bare':93 'bit':86 'configur':106 'consid':16 'differ':101 'either':30 'fail2ban':96 'gain':95 'headach':91 'make':33,60 'might':109 'mix':4 'need':58 'non':13,80 'non-privileg':79 'non-standard':12 'number':19 'overal':82 'overhead':88 'person':6 'port':15,18,24,44,55,71,102 'possibl':90 'privileg':23,38,54,81 'program':65 'run':41 'servic':39,75 'ssh':50,74 'standard':14 'sure':34,61 'tri':66 'unprivileg':64 'use':10,48,52,68,77 'want':46 'without':103 'work':98 'would':29 'wouldn':8 'www.w3.org':26 'www.w3.org/daemon/user/installation/privilegedports.html).':25"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4690495"
+editedAt: DateTimeImmutable @1699708626 {#1556
date: 2023-11-11 14:17:06.0 +01:00
}
+createdAt: DateTimeImmutable @1699631376 {#1558
date: 2023-11-10 16:49:36.0 +01:00
}
+"title": 107970
}
2 => App\Entity\EntryComment {#1695
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: null
+root: null
+body: "What @StarkZarn said is correct. Just one more thing: Did you reload/restart the sshd service after changing the configuration? If so you should be good."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699706825 {#1433
date: 2023-11-11 13:47:05.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@StarkZarn"
"@cyberwolfie@lemmy.ml"
]
+children: Doctrine\ORM\PersistentCollection {#1579 …}
+nested: Doctrine\ORM\PersistentCollection {#1577 …}
+votes: Doctrine\ORM\PersistentCollection {#1578 …}
+reports: Doctrine\ORM\PersistentCollection {#1571 …}
+favourites: Doctrine\ORM\PersistentCollection {#1574 …}
+notifications: Doctrine\ORM\PersistentCollection {#1667 …}
-id: 107881
-bodyTs: "'chang':17 'configur':19 'correct':5 'good':25 'one':7 'reload/restart':12 'said':3 'servic':15 'sshd':14 'starkzarn':2 'thing':9"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4689737"
+editedAt: null
+createdAt: DateTimeImmutable @1699630012 {#1430
date: 2023-11-10 16:26:52.0 +01:00
}
+"title": 107881
}
0 => App\Entity\EntryComment {#1568
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: Proxies\__CG__\App\Entity\EntryComment {#1691 …}
+root: Proxies\__CG__\App\Entity\EntryComment {#1686 …}
+body: "You would need to specify the new port when using ssh (using the -p$PORT option). Just keep in mind that security through obscurity is not considered secure in itself. You could instead consider a service like fail2ban that automatically blocks connections from certain sources depending on your set parameters."
+lang: "en"
+isAdult: false
+favouriteCount: 10
+score: 0
+lastActive: DateTime @1699630241 {#1673
date: 2023-11-10 16:30:41.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@cyberwolfie@lemmy.ml"
"@starkzarn@infosec.pub"
]
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1683 …}
+votes: Doctrine\ORM\PersistentCollection {#1702 …}
+reports: Doctrine\ORM\PersistentCollection {#1596 …}
+favourites: Doctrine\ORM\PersistentCollection {#1613 …}
+notifications: Doctrine\ORM\PersistentCollection {#1621 …}
-id: 107899
-bodyTs: "'automat':40 'block':41 'certain':44 'connect':42 'consid':27,34 'could':32 'depend':46 'fail2ban':38 'instead':33 'keep':18 'like':37 'mind':20 'need':3 'new':7 'obscur':24 'option':16 'p':14 'paramet':50 'port':8,15 'secur':22,28 'servic':36 'set':49 'sourc':45 'specifi':5 'ssh':11 'use':10,12 'would':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4689891"
+editedAt: null
+createdAt: DateTimeImmutable @1699630241 {#1560
date: 2023-11-10 16:30:41.0 +01:00
}
+"title": 107899
}
]
-id: 11766
-titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
-bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1699715739
+visibility: "visible "
+apId: "https://lemmy.ml/post/7770730"
+editedAt: null
+createdAt: DateTimeImmutable @1699629339 {#1697
date: 2023-11-10 16:15:39.0 +01:00
}
+__isInitialized__: true
…2
} |
|
Show voter details
|
| 3 |
DENIED
|
edit
|
Proxies\__CG__\App\Entity\Entry {#1591
+user: Proxies\__CG__\App\Entity\User {#2385 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1385 …}
+slug: "Have-I-successfully-blocked-ssh-logins-to-root"
+title: "Have I successfully blocked ssh logins to root?"
+url: null
+body: """
I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
\n
What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
\n
Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 20
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699784052 {#1721
date: 2023-11-12 11:14:12.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1405 …}
+votes: Doctrine\ORM\PersistentCollection {#1383 …}
+reports: Doctrine\ORM\PersistentCollection {#2393 …}
+favourites: Doctrine\ORM\PersistentCollection {#2036 …}
+notifications: Doctrine\ORM\PersistentCollection {#2013 …}
+badges: Doctrine\ORM\PersistentCollection {#2096 …}
+children: [
1 => App\Entity\EntryComment {#1554
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: Proxies\__CG__\App\Entity\EntryComment {#1565 …}
+root: Proxies\__CG__\App\Entity\EntryComment {#1686 …}
+body: """
It’s a mixed bag. Personally I wouldn’t use a non-standard port.\n
\n
Consider that port numbers under 1024 are [Privileged Ports](https://www.w3.org/Daemon/User/Installation/PrivilegedPorts.html). You would either have to make sure that no other privileged service is running on the port you want to use for SSH when using another privileged port or you need to make sure that no unprivileged program tries to use the same port as your SSH service when using a non-privileged. Overall it adds a bit of overhead and possible headaches for barely any gain.\n
\n
Fail2ban *should* work with a different port without any further configuration but it might not.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1699631376 {#1557
date: 2023-11-10 16:49:36.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@cyberwolfie@lemmy.ml"
"@starkzarn@infosec.pub"
"@siph@feddit.de"
]
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1566 …}
+votes: Doctrine\ORM\PersistentCollection {#1548 …}
+reports: Doctrine\ORM\PersistentCollection {#1550 …}
+favourites: Doctrine\ORM\PersistentCollection {#1525 …}
+notifications: Doctrine\ORM\PersistentCollection {#1527 …}
-id: 107970
-bodyTs: "'/daemon/user/installation/privilegedports.html).':27 '1024':21 'add':84 'anoth':53 'bag':5 'bare':93 'bit':86 'configur':106 'consid':16 'differ':101 'either':30 'fail2ban':96 'gain':95 'headach':91 'make':33,60 'might':109 'mix':4 'need':58 'non':13,80 'non-privileg':79 'non-standard':12 'number':19 'overal':82 'overhead':88 'person':6 'port':15,18,24,44,55,71,102 'possibl':90 'privileg':23,38,54,81 'program':65 'run':41 'servic':39,75 'ssh':50,74 'standard':14 'sure':34,61 'tri':66 'unprivileg':64 'use':10,48,52,68,77 'want':46 'without':103 'work':98 'would':29 'wouldn':8 'www.w3.org':26 'www.w3.org/daemon/user/installation/privilegedports.html).':25"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4690495"
+editedAt: DateTimeImmutable @1699708626 {#1556
date: 2023-11-11 14:17:06.0 +01:00
}
+createdAt: DateTimeImmutable @1699631376 {#1558
date: 2023-11-10 16:49:36.0 +01:00
}
+"title": 107970
}
2 => App\Entity\EntryComment {#1695
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: null
+root: null
+body: "What @StarkZarn said is correct. Just one more thing: Did you reload/restart the sshd service after changing the configuration? If so you should be good."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699706825 {#1433
date: 2023-11-11 13:47:05.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@StarkZarn"
"@cyberwolfie@lemmy.ml"
]
+children: Doctrine\ORM\PersistentCollection {#1579 …}
+nested: Doctrine\ORM\PersistentCollection {#1577 …}
+votes: Doctrine\ORM\PersistentCollection {#1578 …}
+reports: Doctrine\ORM\PersistentCollection {#1571 …}
+favourites: Doctrine\ORM\PersistentCollection {#1574 …}
+notifications: Doctrine\ORM\PersistentCollection {#1667 …}
-id: 107881
-bodyTs: "'chang':17 'configur':19 'correct':5 'good':25 'one':7 'reload/restart':12 'said':3 'servic':15 'sshd':14 'starkzarn':2 'thing':9"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4689737"
+editedAt: null
+createdAt: DateTimeImmutable @1699630012 {#1430
date: 2023-11-10 16:26:52.0 +01:00
}
+"title": 107881
}
0 => App\Entity\EntryComment {#1568
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: Proxies\__CG__\App\Entity\EntryComment {#1691 …}
+root: Proxies\__CG__\App\Entity\EntryComment {#1686 …}
+body: "You would need to specify the new port when using ssh (using the -p$PORT option). Just keep in mind that security through obscurity is not considered secure in itself. You could instead consider a service like fail2ban that automatically blocks connections from certain sources depending on your set parameters."
+lang: "en"
+isAdult: false
+favouriteCount: 10
+score: 0
+lastActive: DateTime @1699630241 {#1673
date: 2023-11-10 16:30:41.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@cyberwolfie@lemmy.ml"
"@starkzarn@infosec.pub"
]
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1683 …}
+votes: Doctrine\ORM\PersistentCollection {#1702 …}
+reports: Doctrine\ORM\PersistentCollection {#1596 …}
+favourites: Doctrine\ORM\PersistentCollection {#1613 …}
+notifications: Doctrine\ORM\PersistentCollection {#1621 …}
-id: 107899
-bodyTs: "'automat':40 'block':41 'certain':44 'connect':42 'consid':27,34 'could':32 'depend':46 'fail2ban':38 'instead':33 'keep':18 'like':37 'mind':20 'need':3 'new':7 'obscur':24 'option':16 'p':14 'paramet':50 'port':8,15 'secur':22,28 'servic':36 'set':49 'sourc':45 'specifi':5 'ssh':11 'use':10,12 'would':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4689891"
+editedAt: null
+createdAt: DateTimeImmutable @1699630241 {#1560
date: 2023-11-10 16:30:41.0 +01:00
}
+"title": 107899
}
]
-id: 11766
-titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
-bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1699715739
+visibility: "visible "
+apId: "https://lemmy.ml/post/7770730"
+editedAt: null
+createdAt: DateTimeImmutable @1699629339 {#1697
date: 2023-11-10 16:15:39.0 +01:00
}
+__isInitialized__: true
…2
} |
|
Show voter details
|
| 4 |
DENIED
|
moderate
|
Proxies\__CG__\App\Entity\Entry {#1591
+user: Proxies\__CG__\App\Entity\User {#2385 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1385 …}
+slug: "Have-I-successfully-blocked-ssh-logins-to-root"
+title: "Have I successfully blocked ssh logins to root?"
+url: null
+body: """
I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
\n
What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
\n
Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 20
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699784052 {#1721
date: 2023-11-12 11:14:12.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1405 …}
+votes: Doctrine\ORM\PersistentCollection {#1383 …}
+reports: Doctrine\ORM\PersistentCollection {#2393 …}
+favourites: Doctrine\ORM\PersistentCollection {#2036 …}
+notifications: Doctrine\ORM\PersistentCollection {#2013 …}
+badges: Doctrine\ORM\PersistentCollection {#2096 …}
+children: [
1 => App\Entity\EntryComment {#1554
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: Proxies\__CG__\App\Entity\EntryComment {#1565 …}
+root: Proxies\__CG__\App\Entity\EntryComment {#1686 …}
+body: """
It’s a mixed bag. Personally I wouldn’t use a non-standard port.\n
\n
Consider that port numbers under 1024 are [Privileged Ports](https://www.w3.org/Daemon/User/Installation/PrivilegedPorts.html). You would either have to make sure that no other privileged service is running on the port you want to use for SSH when using another privileged port or you need to make sure that no unprivileged program tries to use the same port as your SSH service when using a non-privileged. Overall it adds a bit of overhead and possible headaches for barely any gain.\n
\n
Fail2ban *should* work with a different port without any further configuration but it might not.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1699631376 {#1557
date: 2023-11-10 16:49:36.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@cyberwolfie@lemmy.ml"
"@starkzarn@infosec.pub"
"@siph@feddit.de"
]
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1566 …}
+votes: Doctrine\ORM\PersistentCollection {#1548 …}
+reports: Doctrine\ORM\PersistentCollection {#1550 …}
+favourites: Doctrine\ORM\PersistentCollection {#1525 …}
+notifications: Doctrine\ORM\PersistentCollection {#1527 …}
-id: 107970
-bodyTs: "'/daemon/user/installation/privilegedports.html).':27 '1024':21 'add':84 'anoth':53 'bag':5 'bare':93 'bit':86 'configur':106 'consid':16 'differ':101 'either':30 'fail2ban':96 'gain':95 'headach':91 'make':33,60 'might':109 'mix':4 'need':58 'non':13,80 'non-privileg':79 'non-standard':12 'number':19 'overal':82 'overhead':88 'person':6 'port':15,18,24,44,55,71,102 'possibl':90 'privileg':23,38,54,81 'program':65 'run':41 'servic':39,75 'ssh':50,74 'standard':14 'sure':34,61 'tri':66 'unprivileg':64 'use':10,48,52,68,77 'want':46 'without':103 'work':98 'would':29 'wouldn':8 'www.w3.org':26 'www.w3.org/daemon/user/installation/privilegedports.html).':25"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4690495"
+editedAt: DateTimeImmutable @1699708626 {#1556
date: 2023-11-11 14:17:06.0 +01:00
}
+createdAt: DateTimeImmutable @1699631376 {#1558
date: 2023-11-10 16:49:36.0 +01:00
}
+"title": 107970
}
2 => App\Entity\EntryComment {#1695
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: null
+root: null
+body: "What @StarkZarn said is correct. Just one more thing: Did you reload/restart the sshd service after changing the configuration? If so you should be good."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699706825 {#1433
date: 2023-11-11 13:47:05.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@StarkZarn"
"@cyberwolfie@lemmy.ml"
]
+children: Doctrine\ORM\PersistentCollection {#1579 …}
+nested: Doctrine\ORM\PersistentCollection {#1577 …}
+votes: Doctrine\ORM\PersistentCollection {#1578 …}
+reports: Doctrine\ORM\PersistentCollection {#1571 …}
+favourites: Doctrine\ORM\PersistentCollection {#1574 …}
+notifications: Doctrine\ORM\PersistentCollection {#1667 …}
-id: 107881
-bodyTs: "'chang':17 'configur':19 'correct':5 'good':25 'one':7 'reload/restart':12 'said':3 'servic':15 'sshd':14 'starkzarn':2 'thing':9"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4689737"
+editedAt: null
+createdAt: DateTimeImmutable @1699630012 {#1430
date: 2023-11-10 16:26:52.0 +01:00
}
+"title": 107881
}
0 => App\Entity\EntryComment {#1568
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: Proxies\__CG__\App\Entity\EntryComment {#1691 …}
+root: Proxies\__CG__\App\Entity\EntryComment {#1686 …}
+body: "You would need to specify the new port when using ssh (using the -p$PORT option). Just keep in mind that security through obscurity is not considered secure in itself. You could instead consider a service like fail2ban that automatically blocks connections from certain sources depending on your set parameters."
+lang: "en"
+isAdult: false
+favouriteCount: 10
+score: 0
+lastActive: DateTime @1699630241 {#1673
date: 2023-11-10 16:30:41.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@cyberwolfie@lemmy.ml"
"@starkzarn@infosec.pub"
]
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1683 …}
+votes: Doctrine\ORM\PersistentCollection {#1702 …}
+reports: Doctrine\ORM\PersistentCollection {#1596 …}
+favourites: Doctrine\ORM\PersistentCollection {#1613 …}
+notifications: Doctrine\ORM\PersistentCollection {#1621 …}
-id: 107899
-bodyTs: "'automat':40 'block':41 'certain':44 'connect':42 'consid':27,34 'could':32 'depend':46 'fail2ban':38 'instead':33 'keep':18 'like':37 'mind':20 'need':3 'new':7 'obscur':24 'option':16 'p':14 'paramet':50 'port':8,15 'secur':22,28 'servic':36 'set':49 'sourc':45 'specifi':5 'ssh':11 'use':10,12 'would':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4689891"
+editedAt: null
+createdAt: DateTimeImmutable @1699630241 {#1560
date: 2023-11-10 16:30:41.0 +01:00
}
+"title": 107899
}
]
-id: 11766
-titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
-bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1699715739
+visibility: "visible "
+apId: "https://lemmy.ml/post/7770730"
+editedAt: null
+createdAt: DateTimeImmutable @1699629339 {#1697
date: 2023-11-10 16:15:39.0 +01:00
}
+__isInitialized__: true
…2
} |
|
Show voter details
|
| 5 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 6 |
DENIED
|
moderate
|
App\Entity\EntryComment {#1554
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591
+user: Proxies\__CG__\App\Entity\User {#2385 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1385 …}
+slug: "Have-I-successfully-blocked-ssh-logins-to-root"
+title: "Have I successfully blocked ssh logins to root?"
+url: null
+body: """
I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
\n
What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
\n
Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 20
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699784052 {#1721
date: 2023-11-12 11:14:12.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1405 …}
+votes: Doctrine\ORM\PersistentCollection {#1383 …}
+reports: Doctrine\ORM\PersistentCollection {#2393 …}
+favourites: Doctrine\ORM\PersistentCollection {#2036 …}
+notifications: Doctrine\ORM\PersistentCollection {#2013 …}
+badges: Doctrine\ORM\PersistentCollection {#2096 …}
+children: [
1 => App\Entity\EntryComment {#1554}
2 => App\Entity\EntryComment {#1695
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: null
+root: null
+body: "What @StarkZarn said is correct. Just one more thing: Did you reload/restart the sshd service after changing the configuration? If so you should be good."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699706825 {#1433
date: 2023-11-11 13:47:05.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@StarkZarn"
"@cyberwolfie@lemmy.ml"
]
+children: Doctrine\ORM\PersistentCollection {#1579 …}
+nested: Doctrine\ORM\PersistentCollection {#1577 …}
+votes: Doctrine\ORM\PersistentCollection {#1578 …}
+reports: Doctrine\ORM\PersistentCollection {#1571 …}
+favourites: Doctrine\ORM\PersistentCollection {#1574 …}
+notifications: Doctrine\ORM\PersistentCollection {#1667 …}
-id: 107881
-bodyTs: "'chang':17 'configur':19 'correct':5 'good':25 'one':7 'reload/restart':12 'said':3 'servic':15 'sshd':14 'starkzarn':2 'thing':9"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4689737"
+editedAt: null
+createdAt: DateTimeImmutable @1699630012 {#1430
date: 2023-11-10 16:26:52.0 +01:00
}
+"title": 107881
}
0 => App\Entity\EntryComment {#1568
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: Proxies\__CG__\App\Entity\EntryComment {#1691 …}
+root: Proxies\__CG__\App\Entity\EntryComment {#1686 …}
+body: "You would need to specify the new port when using ssh (using the -p$PORT option). Just keep in mind that security through obscurity is not considered secure in itself. You could instead consider a service like fail2ban that automatically blocks connections from certain sources depending on your set parameters."
+lang: "en"
+isAdult: false
+favouriteCount: 10
+score: 0
+lastActive: DateTime @1699630241 {#1673
date: 2023-11-10 16:30:41.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@cyberwolfie@lemmy.ml"
"@starkzarn@infosec.pub"
]
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1683 …}
+votes: Doctrine\ORM\PersistentCollection {#1702 …}
+reports: Doctrine\ORM\PersistentCollection {#1596 …}
+favourites: Doctrine\ORM\PersistentCollection {#1613 …}
+notifications: Doctrine\ORM\PersistentCollection {#1621 …}
-id: 107899
-bodyTs: "'automat':40 'block':41 'certain':44 'connect':42 'consid':27,34 'could':32 'depend':46 'fail2ban':38 'instead':33 'keep':18 'like':37 'mind':20 'need':3 'new':7 'obscur':24 'option':16 'p':14 'paramet':50 'port':8,15 'secur':22,28 'servic':36 'set':49 'sourc':45 'specifi':5 'ssh':11 'use':10,12 'would':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4689891"
+editedAt: null
+createdAt: DateTimeImmutable @1699630241 {#1560
date: 2023-11-10 16:30:41.0 +01:00
}
+"title": 107899
}
]
-id: 11766
-titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
-bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1699715739
+visibility: "visible "
+apId: "https://lemmy.ml/post/7770730"
+editedAt: null
+createdAt: DateTimeImmutable @1699629339 {#1697
date: 2023-11-10 16:15:39.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: Proxies\__CG__\App\Entity\EntryComment {#1565 …}
+root: Proxies\__CG__\App\Entity\EntryComment {#1686 …}
+body: """
It’s a mixed bag. Personally I wouldn’t use a non-standard port.\n
\n
Consider that port numbers under 1024 are [Privileged Ports](https://www.w3.org/Daemon/User/Installation/PrivilegedPorts.html). You would either have to make sure that no other privileged service is running on the port you want to use for SSH when using another privileged port or you need to make sure that no unprivileged program tries to use the same port as your SSH service when using a non-privileged. Overall it adds a bit of overhead and possible headaches for barely any gain.\n
\n
Fail2ban *should* work with a different port without any further configuration but it might not.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1699631376 {#1557
date: 2023-11-10 16:49:36.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@cyberwolfie@lemmy.ml"
"@starkzarn@infosec.pub"
"@siph@feddit.de"
]
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1566 …}
+votes: Doctrine\ORM\PersistentCollection {#1548 …}
+reports: Doctrine\ORM\PersistentCollection {#1550 …}
+favourites: Doctrine\ORM\PersistentCollection {#1525 …}
+notifications: Doctrine\ORM\PersistentCollection {#1527 …}
-id: 107970
-bodyTs: "'/daemon/user/installation/privilegedports.html).':27 '1024':21 'add':84 'anoth':53 'bag':5 'bare':93 'bit':86 'configur':106 'consid':16 'differ':101 'either':30 'fail2ban':96 'gain':95 'headach':91 'make':33,60 'might':109 'mix':4 'need':58 'non':13,80 'non-privileg':79 'non-standard':12 'number':19 'overal':82 'overhead':88 'person':6 'port':15,18,24,44,55,71,102 'possibl':90 'privileg':23,38,54,81 'program':65 'run':41 'servic':39,75 'ssh':50,74 'standard':14 'sure':34,61 'tri':66 'unprivileg':64 'use':10,48,52,68,77 'want':46 'without':103 'work':98 'would':29 'wouldn':8 'www.w3.org':26 'www.w3.org/daemon/user/installation/privilegedports.html).':25"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4690495"
+editedAt: DateTimeImmutable @1699708626 {#1556
date: 2023-11-11 14:17:06.0 +01:00
}
+createdAt: DateTimeImmutable @1699631376 {#1558
date: 2023-11-10 16:49:36.0 +01:00
}
+"title": 107970
} |
|
Show voter details
|
| 7 |
DENIED
|
edit
|
App\Entity\EntryComment {#1554
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591
+user: Proxies\__CG__\App\Entity\User {#2385 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1385 …}
+slug: "Have-I-successfully-blocked-ssh-logins-to-root"
+title: "Have I successfully blocked ssh logins to root?"
+url: null
+body: """
I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
\n
What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
\n
Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 20
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699784052 {#1721
date: 2023-11-12 11:14:12.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1405 …}
+votes: Doctrine\ORM\PersistentCollection {#1383 …}
+reports: Doctrine\ORM\PersistentCollection {#2393 …}
+favourites: Doctrine\ORM\PersistentCollection {#2036 …}
+notifications: Doctrine\ORM\PersistentCollection {#2013 …}
+badges: Doctrine\ORM\PersistentCollection {#2096 …}
+children: [
1 => App\Entity\EntryComment {#1554}
2 => App\Entity\EntryComment {#1695
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: null
+root: null
+body: "What @StarkZarn said is correct. Just one more thing: Did you reload/restart the sshd service after changing the configuration? If so you should be good."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699706825 {#1433
date: 2023-11-11 13:47:05.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@StarkZarn"
"@cyberwolfie@lemmy.ml"
]
+children: Doctrine\ORM\PersistentCollection {#1579 …}
+nested: Doctrine\ORM\PersistentCollection {#1577 …}
+votes: Doctrine\ORM\PersistentCollection {#1578 …}
+reports: Doctrine\ORM\PersistentCollection {#1571 …}
+favourites: Doctrine\ORM\PersistentCollection {#1574 …}
+notifications: Doctrine\ORM\PersistentCollection {#1667 …}
-id: 107881
-bodyTs: "'chang':17 'configur':19 'correct':5 'good':25 'one':7 'reload/restart':12 'said':3 'servic':15 'sshd':14 'starkzarn':2 'thing':9"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4689737"
+editedAt: null
+createdAt: DateTimeImmutable @1699630012 {#1430
date: 2023-11-10 16:26:52.0 +01:00
}
+"title": 107881
}
0 => App\Entity\EntryComment {#1568
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: Proxies\__CG__\App\Entity\EntryComment {#1691 …}
+root: Proxies\__CG__\App\Entity\EntryComment {#1686 …}
+body: "You would need to specify the new port when using ssh (using the -p$PORT option). Just keep in mind that security through obscurity is not considered secure in itself. You could instead consider a service like fail2ban that automatically blocks connections from certain sources depending on your set parameters."
+lang: "en"
+isAdult: false
+favouriteCount: 10
+score: 0
+lastActive: DateTime @1699630241 {#1673
date: 2023-11-10 16:30:41.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@cyberwolfie@lemmy.ml"
"@starkzarn@infosec.pub"
]
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1683 …}
+votes: Doctrine\ORM\PersistentCollection {#1702 …}
+reports: Doctrine\ORM\PersistentCollection {#1596 …}
+favourites: Doctrine\ORM\PersistentCollection {#1613 …}
+notifications: Doctrine\ORM\PersistentCollection {#1621 …}
-id: 107899
-bodyTs: "'automat':40 'block':41 'certain':44 'connect':42 'consid':27,34 'could':32 'depend':46 'fail2ban':38 'instead':33 'keep':18 'like':37 'mind':20 'need':3 'new':7 'obscur':24 'option':16 'p':14 'paramet':50 'port':8,15 'secur':22,28 'servic':36 'set':49 'sourc':45 'specifi':5 'ssh':11 'use':10,12 'would':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4689891"
+editedAt: null
+createdAt: DateTimeImmutable @1699630241 {#1560
date: 2023-11-10 16:30:41.0 +01:00
}
+"title": 107899
}
]
-id: 11766
-titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
-bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1699715739
+visibility: "visible "
+apId: "https://lemmy.ml/post/7770730"
+editedAt: null
+createdAt: DateTimeImmutable @1699629339 {#1697
date: 2023-11-10 16:15:39.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: Proxies\__CG__\App\Entity\EntryComment {#1565 …}
+root: Proxies\__CG__\App\Entity\EntryComment {#1686 …}
+body: """
It’s a mixed bag. Personally I wouldn’t use a non-standard port.\n
\n
Consider that port numbers under 1024 are [Privileged Ports](https://www.w3.org/Daemon/User/Installation/PrivilegedPorts.html). You would either have to make sure that no other privileged service is running on the port you want to use for SSH when using another privileged port or you need to make sure that no unprivileged program tries to use the same port as your SSH service when using a non-privileged. Overall it adds a bit of overhead and possible headaches for barely any gain.\n
\n
Fail2ban *should* work with a different port without any further configuration but it might not.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1699631376 {#1557
date: 2023-11-10 16:49:36.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@cyberwolfie@lemmy.ml"
"@starkzarn@infosec.pub"
"@siph@feddit.de"
]
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1566 …}
+votes: Doctrine\ORM\PersistentCollection {#1548 …}
+reports: Doctrine\ORM\PersistentCollection {#1550 …}
+favourites: Doctrine\ORM\PersistentCollection {#1525 …}
+notifications: Doctrine\ORM\PersistentCollection {#1527 …}
-id: 107970
-bodyTs: "'/daemon/user/installation/privilegedports.html).':27 '1024':21 'add':84 'anoth':53 'bag':5 'bare':93 'bit':86 'configur':106 'consid':16 'differ':101 'either':30 'fail2ban':96 'gain':95 'headach':91 'make':33,60 'might':109 'mix':4 'need':58 'non':13,80 'non-privileg':79 'non-standard':12 'number':19 'overal':82 'overhead':88 'person':6 'port':15,18,24,44,55,71,102 'possibl':90 'privileg':23,38,54,81 'program':65 'run':41 'servic':39,75 'ssh':50,74 'standard':14 'sure':34,61 'tri':66 'unprivileg':64 'use':10,48,52,68,77 'want':46 'without':103 'work':98 'would':29 'wouldn':8 'www.w3.org':26 'www.w3.org/daemon/user/installation/privilegedports.html).':25"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4690495"
+editedAt: DateTimeImmutable @1699708626 {#1556
date: 2023-11-11 14:17:06.0 +01:00
}
+createdAt: DateTimeImmutable @1699631376 {#1558
date: 2023-11-10 16:49:36.0 +01:00
}
+"title": 107970
} |
|
Show voter details
|
| 8 |
DENIED
|
moderate
|
App\Entity\EntryComment {#1554
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591
+user: Proxies\__CG__\App\Entity\User {#2385 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1385 …}
+slug: "Have-I-successfully-blocked-ssh-logins-to-root"
+title: "Have I successfully blocked ssh logins to root?"
+url: null
+body: """
I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
\n
What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
\n
Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 20
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699784052 {#1721
date: 2023-11-12 11:14:12.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1405 …}
+votes: Doctrine\ORM\PersistentCollection {#1383 …}
+reports: Doctrine\ORM\PersistentCollection {#2393 …}
+favourites: Doctrine\ORM\PersistentCollection {#2036 …}
+notifications: Doctrine\ORM\PersistentCollection {#2013 …}
+badges: Doctrine\ORM\PersistentCollection {#2096 …}
+children: [
1 => App\Entity\EntryComment {#1554}
2 => App\Entity\EntryComment {#1695
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: null
+root: null
+body: "What @StarkZarn said is correct. Just one more thing: Did you reload/restart the sshd service after changing the configuration? If so you should be good."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699706825 {#1433
date: 2023-11-11 13:47:05.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@StarkZarn"
"@cyberwolfie@lemmy.ml"
]
+children: Doctrine\ORM\PersistentCollection {#1579 …}
+nested: Doctrine\ORM\PersistentCollection {#1577 …}
+votes: Doctrine\ORM\PersistentCollection {#1578 …}
+reports: Doctrine\ORM\PersistentCollection {#1571 …}
+favourites: Doctrine\ORM\PersistentCollection {#1574 …}
+notifications: Doctrine\ORM\PersistentCollection {#1667 …}
-id: 107881
-bodyTs: "'chang':17 'configur':19 'correct':5 'good':25 'one':7 'reload/restart':12 'said':3 'servic':15 'sshd':14 'starkzarn':2 'thing':9"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4689737"
+editedAt: null
+createdAt: DateTimeImmutable @1699630012 {#1430
date: 2023-11-10 16:26:52.0 +01:00
}
+"title": 107881
}
0 => App\Entity\EntryComment {#1568
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: Proxies\__CG__\App\Entity\EntryComment {#1691 …}
+root: Proxies\__CG__\App\Entity\EntryComment {#1686 …}
+body: "You would need to specify the new port when using ssh (using the -p$PORT option). Just keep in mind that security through obscurity is not considered secure in itself. You could instead consider a service like fail2ban that automatically blocks connections from certain sources depending on your set parameters."
+lang: "en"
+isAdult: false
+favouriteCount: 10
+score: 0
+lastActive: DateTime @1699630241 {#1673
date: 2023-11-10 16:30:41.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@cyberwolfie@lemmy.ml"
"@starkzarn@infosec.pub"
]
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1683 …}
+votes: Doctrine\ORM\PersistentCollection {#1702 …}
+reports: Doctrine\ORM\PersistentCollection {#1596 …}
+favourites: Doctrine\ORM\PersistentCollection {#1613 …}
+notifications: Doctrine\ORM\PersistentCollection {#1621 …}
-id: 107899
-bodyTs: "'automat':40 'block':41 'certain':44 'connect':42 'consid':27,34 'could':32 'depend':46 'fail2ban':38 'instead':33 'keep':18 'like':37 'mind':20 'need':3 'new':7 'obscur':24 'option':16 'p':14 'paramet':50 'port':8,15 'secur':22,28 'servic':36 'set':49 'sourc':45 'specifi':5 'ssh':11 'use':10,12 'would':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4689891"
+editedAt: null
+createdAt: DateTimeImmutable @1699630241 {#1560
date: 2023-11-10 16:30:41.0 +01:00
}
+"title": 107899
}
]
-id: 11766
-titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
-bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1699715739
+visibility: "visible "
+apId: "https://lemmy.ml/post/7770730"
+editedAt: null
+createdAt: DateTimeImmutable @1699629339 {#1697
date: 2023-11-10 16:15:39.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: Proxies\__CG__\App\Entity\EntryComment {#1565 …}
+root: Proxies\__CG__\App\Entity\EntryComment {#1686 …}
+body: """
It’s a mixed bag. Personally I wouldn’t use a non-standard port.\n
\n
Consider that port numbers under 1024 are [Privileged Ports](https://www.w3.org/Daemon/User/Installation/PrivilegedPorts.html). You would either have to make sure that no other privileged service is running on the port you want to use for SSH when using another privileged port or you need to make sure that no unprivileged program tries to use the same port as your SSH service when using a non-privileged. Overall it adds a bit of overhead and possible headaches for barely any gain.\n
\n
Fail2ban *should* work with a different port without any further configuration but it might not.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1699631376 {#1557
date: 2023-11-10 16:49:36.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@cyberwolfie@lemmy.ml"
"@starkzarn@infosec.pub"
"@siph@feddit.de"
]
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1566 …}
+votes: Doctrine\ORM\PersistentCollection {#1548 …}
+reports: Doctrine\ORM\PersistentCollection {#1550 …}
+favourites: Doctrine\ORM\PersistentCollection {#1525 …}
+notifications: Doctrine\ORM\PersistentCollection {#1527 …}
-id: 107970
-bodyTs: "'/daemon/user/installation/privilegedports.html).':27 '1024':21 'add':84 'anoth':53 'bag':5 'bare':93 'bit':86 'configur':106 'consid':16 'differ':101 'either':30 'fail2ban':96 'gain':95 'headach':91 'make':33,60 'might':109 'mix':4 'need':58 'non':13,80 'non-privileg':79 'non-standard':12 'number':19 'overal':82 'overhead':88 'person':6 'port':15,18,24,44,55,71,102 'possibl':90 'privileg':23,38,54,81 'program':65 'run':41 'servic':39,75 'ssh':50,74 'standard':14 'sure':34,61 'tri':66 'unprivileg':64 'use':10,48,52,68,77 'want':46 'without':103 'work':98 'would':29 'wouldn':8 'www.w3.org':26 'www.w3.org/daemon/user/installation/privilegedports.html).':25"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4690495"
+editedAt: DateTimeImmutable @1699708626 {#1556
date: 2023-11-11 14:17:06.0 +01:00
}
+createdAt: DateTimeImmutable @1699631376 {#1558
date: 2023-11-10 16:49:36.0 +01:00
}
+"title": 107970
} |
|
Show voter details
|
| 9 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 10 |
DENIED
|
moderate
|
App\Entity\EntryComment {#1695
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591
+user: Proxies\__CG__\App\Entity\User {#2385 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1385 …}
+slug: "Have-I-successfully-blocked-ssh-logins-to-root"
+title: "Have I successfully blocked ssh logins to root?"
+url: null
+body: """
I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
\n
What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
\n
Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 20
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699784052 {#1721
date: 2023-11-12 11:14:12.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1405 …}
+votes: Doctrine\ORM\PersistentCollection {#1383 …}
+reports: Doctrine\ORM\PersistentCollection {#2393 …}
+favourites: Doctrine\ORM\PersistentCollection {#2036 …}
+notifications: Doctrine\ORM\PersistentCollection {#2013 …}
+badges: Doctrine\ORM\PersistentCollection {#2096 …}
+children: [
1 => App\Entity\EntryComment {#1554
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: Proxies\__CG__\App\Entity\EntryComment {#1565 …}
+root: Proxies\__CG__\App\Entity\EntryComment {#1686 …}
+body: """
It’s a mixed bag. Personally I wouldn’t use a non-standard port.\n
\n
Consider that port numbers under 1024 are [Privileged Ports](https://www.w3.org/Daemon/User/Installation/PrivilegedPorts.html). You would either have to make sure that no other privileged service is running on the port you want to use for SSH when using another privileged port or you need to make sure that no unprivileged program tries to use the same port as your SSH service when using a non-privileged. Overall it adds a bit of overhead and possible headaches for barely any gain.\n
\n
Fail2ban *should* work with a different port without any further configuration but it might not.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1699631376 {#1557
date: 2023-11-10 16:49:36.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@cyberwolfie@lemmy.ml"
"@starkzarn@infosec.pub"
"@siph@feddit.de"
]
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1566 …}
+votes: Doctrine\ORM\PersistentCollection {#1548 …}
+reports: Doctrine\ORM\PersistentCollection {#1550 …}
+favourites: Doctrine\ORM\PersistentCollection {#1525 …}
+notifications: Doctrine\ORM\PersistentCollection {#1527 …}
-id: 107970
-bodyTs: "'/daemon/user/installation/privilegedports.html).':27 '1024':21 'add':84 'anoth':53 'bag':5 'bare':93 'bit':86 'configur':106 'consid':16 'differ':101 'either':30 'fail2ban':96 'gain':95 'headach':91 'make':33,60 'might':109 'mix':4 'need':58 'non':13,80 'non-privileg':79 'non-standard':12 'number':19 'overal':82 'overhead':88 'person':6 'port':15,18,24,44,55,71,102 'possibl':90 'privileg':23,38,54,81 'program':65 'run':41 'servic':39,75 'ssh':50,74 'standard':14 'sure':34,61 'tri':66 'unprivileg':64 'use':10,48,52,68,77 'want':46 'without':103 'work':98 'would':29 'wouldn':8 'www.w3.org':26 'www.w3.org/daemon/user/installation/privilegedports.html).':25"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4690495"
+editedAt: DateTimeImmutable @1699708626 {#1556
date: 2023-11-11 14:17:06.0 +01:00
}
+createdAt: DateTimeImmutable @1699631376 {#1558
date: 2023-11-10 16:49:36.0 +01:00
}
+"title": 107970
}
2 => App\Entity\EntryComment {#1695}
0 => App\Entity\EntryComment {#1568
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: Proxies\__CG__\App\Entity\EntryComment {#1691 …}
+root: Proxies\__CG__\App\Entity\EntryComment {#1686 …}
+body: "You would need to specify the new port when using ssh (using the -p$PORT option). Just keep in mind that security through obscurity is not considered secure in itself. You could instead consider a service like fail2ban that automatically blocks connections from certain sources depending on your set parameters."
+lang: "en"
+isAdult: false
+favouriteCount: 10
+score: 0
+lastActive: DateTime @1699630241 {#1673
date: 2023-11-10 16:30:41.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@cyberwolfie@lemmy.ml"
"@starkzarn@infosec.pub"
]
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1683 …}
+votes: Doctrine\ORM\PersistentCollection {#1702 …}
+reports: Doctrine\ORM\PersistentCollection {#1596 …}
+favourites: Doctrine\ORM\PersistentCollection {#1613 …}
+notifications: Doctrine\ORM\PersistentCollection {#1621 …}
-id: 107899
-bodyTs: "'automat':40 'block':41 'certain':44 'connect':42 'consid':27,34 'could':32 'depend':46 'fail2ban':38 'instead':33 'keep':18 'like':37 'mind':20 'need':3 'new':7 'obscur':24 'option':16 'p':14 'paramet':50 'port':8,15 'secur':22,28 'servic':36 'set':49 'sourc':45 'specifi':5 'ssh':11 'use':10,12 'would':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4689891"
+editedAt: null
+createdAt: DateTimeImmutable @1699630241 {#1560
date: 2023-11-10 16:30:41.0 +01:00
}
+"title": 107899
}
]
-id: 11766
-titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
-bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1699715739
+visibility: "visible "
+apId: "https://lemmy.ml/post/7770730"
+editedAt: null
+createdAt: DateTimeImmutable @1699629339 {#1697
date: 2023-11-10 16:15:39.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: null
+root: null
+body: "What @StarkZarn said is correct. Just one more thing: Did you reload/restart the sshd service after changing the configuration? If so you should be good."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699706825 {#1433
date: 2023-11-11 13:47:05.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@StarkZarn"
"@cyberwolfie@lemmy.ml"
]
+children: Doctrine\ORM\PersistentCollection {#1579 …}
+nested: Doctrine\ORM\PersistentCollection {#1577 …}
+votes: Doctrine\ORM\PersistentCollection {#1578 …}
+reports: Doctrine\ORM\PersistentCollection {#1571 …}
+favourites: Doctrine\ORM\PersistentCollection {#1574 …}
+notifications: Doctrine\ORM\PersistentCollection {#1667 …}
-id: 107881
-bodyTs: "'chang':17 'configur':19 'correct':5 'good':25 'one':7 'reload/restart':12 'said':3 'servic':15 'sshd':14 'starkzarn':2 'thing':9"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4689737"
+editedAt: null
+createdAt: DateTimeImmutable @1699630012 {#1430
date: 2023-11-10 16:26:52.0 +01:00
}
+"title": 107881
} |
|
Show voter details
|
| 11 |
DENIED
|
edit
|
App\Entity\EntryComment {#1695
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591
+user: Proxies\__CG__\App\Entity\User {#2385 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1385 …}
+slug: "Have-I-successfully-blocked-ssh-logins-to-root"
+title: "Have I successfully blocked ssh logins to root?"
+url: null
+body: """
I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
\n
What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
\n
Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 20
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699784052 {#1721
date: 2023-11-12 11:14:12.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1405 …}
+votes: Doctrine\ORM\PersistentCollection {#1383 …}
+reports: Doctrine\ORM\PersistentCollection {#2393 …}
+favourites: Doctrine\ORM\PersistentCollection {#2036 …}
+notifications: Doctrine\ORM\PersistentCollection {#2013 …}
+badges: Doctrine\ORM\PersistentCollection {#2096 …}
+children: [
1 => App\Entity\EntryComment {#1554
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: Proxies\__CG__\App\Entity\EntryComment {#1565 …}
+root: Proxies\__CG__\App\Entity\EntryComment {#1686 …}
+body: """
It’s a mixed bag. Personally I wouldn’t use a non-standard port.\n
\n
Consider that port numbers under 1024 are [Privileged Ports](https://www.w3.org/Daemon/User/Installation/PrivilegedPorts.html). You would either have to make sure that no other privileged service is running on the port you want to use for SSH when using another privileged port or you need to make sure that no unprivileged program tries to use the same port as your SSH service when using a non-privileged. Overall it adds a bit of overhead and possible headaches for barely any gain.\n
\n
Fail2ban *should* work with a different port without any further configuration but it might not.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1699631376 {#1557
date: 2023-11-10 16:49:36.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@cyberwolfie@lemmy.ml"
"@starkzarn@infosec.pub"
"@siph@feddit.de"
]
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1566 …}
+votes: Doctrine\ORM\PersistentCollection {#1548 …}
+reports: Doctrine\ORM\PersistentCollection {#1550 …}
+favourites: Doctrine\ORM\PersistentCollection {#1525 …}
+notifications: Doctrine\ORM\PersistentCollection {#1527 …}
-id: 107970
-bodyTs: "'/daemon/user/installation/privilegedports.html).':27 '1024':21 'add':84 'anoth':53 'bag':5 'bare':93 'bit':86 'configur':106 'consid':16 'differ':101 'either':30 'fail2ban':96 'gain':95 'headach':91 'make':33,60 'might':109 'mix':4 'need':58 'non':13,80 'non-privileg':79 'non-standard':12 'number':19 'overal':82 'overhead':88 'person':6 'port':15,18,24,44,55,71,102 'possibl':90 'privileg':23,38,54,81 'program':65 'run':41 'servic':39,75 'ssh':50,74 'standard':14 'sure':34,61 'tri':66 'unprivileg':64 'use':10,48,52,68,77 'want':46 'without':103 'work':98 'would':29 'wouldn':8 'www.w3.org':26 'www.w3.org/daemon/user/installation/privilegedports.html).':25"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4690495"
+editedAt: DateTimeImmutable @1699708626 {#1556
date: 2023-11-11 14:17:06.0 +01:00
}
+createdAt: DateTimeImmutable @1699631376 {#1558
date: 2023-11-10 16:49:36.0 +01:00
}
+"title": 107970
}
2 => App\Entity\EntryComment {#1695}
0 => App\Entity\EntryComment {#1568
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: Proxies\__CG__\App\Entity\EntryComment {#1691 …}
+root: Proxies\__CG__\App\Entity\EntryComment {#1686 …}
+body: "You would need to specify the new port when using ssh (using the -p$PORT option). Just keep in mind that security through obscurity is not considered secure in itself. You could instead consider a service like fail2ban that automatically blocks connections from certain sources depending on your set parameters."
+lang: "en"
+isAdult: false
+favouriteCount: 10
+score: 0
+lastActive: DateTime @1699630241 {#1673
date: 2023-11-10 16:30:41.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@cyberwolfie@lemmy.ml"
"@starkzarn@infosec.pub"
]
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1683 …}
+votes: Doctrine\ORM\PersistentCollection {#1702 …}
+reports: Doctrine\ORM\PersistentCollection {#1596 …}
+favourites: Doctrine\ORM\PersistentCollection {#1613 …}
+notifications: Doctrine\ORM\PersistentCollection {#1621 …}
-id: 107899
-bodyTs: "'automat':40 'block':41 'certain':44 'connect':42 'consid':27,34 'could':32 'depend':46 'fail2ban':38 'instead':33 'keep':18 'like':37 'mind':20 'need':3 'new':7 'obscur':24 'option':16 'p':14 'paramet':50 'port':8,15 'secur':22,28 'servic':36 'set':49 'sourc':45 'specifi':5 'ssh':11 'use':10,12 'would':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4689891"
+editedAt: null
+createdAt: DateTimeImmutable @1699630241 {#1560
date: 2023-11-10 16:30:41.0 +01:00
}
+"title": 107899
}
]
-id: 11766
-titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
-bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1699715739
+visibility: "visible "
+apId: "https://lemmy.ml/post/7770730"
+editedAt: null
+createdAt: DateTimeImmutable @1699629339 {#1697
date: 2023-11-10 16:15:39.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: null
+root: null
+body: "What @StarkZarn said is correct. Just one more thing: Did you reload/restart the sshd service after changing the configuration? If so you should be good."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699706825 {#1433
date: 2023-11-11 13:47:05.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@StarkZarn"
"@cyberwolfie@lemmy.ml"
]
+children: Doctrine\ORM\PersistentCollection {#1579 …}
+nested: Doctrine\ORM\PersistentCollection {#1577 …}
+votes: Doctrine\ORM\PersistentCollection {#1578 …}
+reports: Doctrine\ORM\PersistentCollection {#1571 …}
+favourites: Doctrine\ORM\PersistentCollection {#1574 …}
+notifications: Doctrine\ORM\PersistentCollection {#1667 …}
-id: 107881
-bodyTs: "'chang':17 'configur':19 'correct':5 'good':25 'one':7 'reload/restart':12 'said':3 'servic':15 'sshd':14 'starkzarn':2 'thing':9"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4689737"
+editedAt: null
+createdAt: DateTimeImmutable @1699630012 {#1430
date: 2023-11-10 16:26:52.0 +01:00
}
+"title": 107881
} |
|
Show voter details
|
| 12 |
DENIED
|
moderate
|
App\Entity\EntryComment {#1695
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591
+user: Proxies\__CG__\App\Entity\User {#2385 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1385 …}
+slug: "Have-I-successfully-blocked-ssh-logins-to-root"
+title: "Have I successfully blocked ssh logins to root?"
+url: null
+body: """
I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
\n
What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
\n
Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 20
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699784052 {#1721
date: 2023-11-12 11:14:12.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1405 …}
+votes: Doctrine\ORM\PersistentCollection {#1383 …}
+reports: Doctrine\ORM\PersistentCollection {#2393 …}
+favourites: Doctrine\ORM\PersistentCollection {#2036 …}
+notifications: Doctrine\ORM\PersistentCollection {#2013 …}
+badges: Doctrine\ORM\PersistentCollection {#2096 …}
+children: [
1 => App\Entity\EntryComment {#1554
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: Proxies\__CG__\App\Entity\EntryComment {#1565 …}
+root: Proxies\__CG__\App\Entity\EntryComment {#1686 …}
+body: """
It’s a mixed bag. Personally I wouldn’t use a non-standard port.\n
\n
Consider that port numbers under 1024 are [Privileged Ports](https://www.w3.org/Daemon/User/Installation/PrivilegedPorts.html). You would either have to make sure that no other privileged service is running on the port you want to use for SSH when using another privileged port or you need to make sure that no unprivileged program tries to use the same port as your SSH service when using a non-privileged. Overall it adds a bit of overhead and possible headaches for barely any gain.\n
\n
Fail2ban *should* work with a different port without any further configuration but it might not.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1699631376 {#1557
date: 2023-11-10 16:49:36.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@cyberwolfie@lemmy.ml"
"@starkzarn@infosec.pub"
"@siph@feddit.de"
]
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1566 …}
+votes: Doctrine\ORM\PersistentCollection {#1548 …}
+reports: Doctrine\ORM\PersistentCollection {#1550 …}
+favourites: Doctrine\ORM\PersistentCollection {#1525 …}
+notifications: Doctrine\ORM\PersistentCollection {#1527 …}
-id: 107970
-bodyTs: "'/daemon/user/installation/privilegedports.html).':27 '1024':21 'add':84 'anoth':53 'bag':5 'bare':93 'bit':86 'configur':106 'consid':16 'differ':101 'either':30 'fail2ban':96 'gain':95 'headach':91 'make':33,60 'might':109 'mix':4 'need':58 'non':13,80 'non-privileg':79 'non-standard':12 'number':19 'overal':82 'overhead':88 'person':6 'port':15,18,24,44,55,71,102 'possibl':90 'privileg':23,38,54,81 'program':65 'run':41 'servic':39,75 'ssh':50,74 'standard':14 'sure':34,61 'tri':66 'unprivileg':64 'use':10,48,52,68,77 'want':46 'without':103 'work':98 'would':29 'wouldn':8 'www.w3.org':26 'www.w3.org/daemon/user/installation/privilegedports.html).':25"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4690495"
+editedAt: DateTimeImmutable @1699708626 {#1556
date: 2023-11-11 14:17:06.0 +01:00
}
+createdAt: DateTimeImmutable @1699631376 {#1558
date: 2023-11-10 16:49:36.0 +01:00
}
+"title": 107970
}
2 => App\Entity\EntryComment {#1695}
0 => App\Entity\EntryComment {#1568
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: Proxies\__CG__\App\Entity\EntryComment {#1691 …}
+root: Proxies\__CG__\App\Entity\EntryComment {#1686 …}
+body: "You would need to specify the new port when using ssh (using the -p$PORT option). Just keep in mind that security through obscurity is not considered secure in itself. You could instead consider a service like fail2ban that automatically blocks connections from certain sources depending on your set parameters."
+lang: "en"
+isAdult: false
+favouriteCount: 10
+score: 0
+lastActive: DateTime @1699630241 {#1673
date: 2023-11-10 16:30:41.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@cyberwolfie@lemmy.ml"
"@starkzarn@infosec.pub"
]
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1683 …}
+votes: Doctrine\ORM\PersistentCollection {#1702 …}
+reports: Doctrine\ORM\PersistentCollection {#1596 …}
+favourites: Doctrine\ORM\PersistentCollection {#1613 …}
+notifications: Doctrine\ORM\PersistentCollection {#1621 …}
-id: 107899
-bodyTs: "'automat':40 'block':41 'certain':44 'connect':42 'consid':27,34 'could':32 'depend':46 'fail2ban':38 'instead':33 'keep':18 'like':37 'mind':20 'need':3 'new':7 'obscur':24 'option':16 'p':14 'paramet':50 'port':8,15 'secur':22,28 'servic':36 'set':49 'sourc':45 'specifi':5 'ssh':11 'use':10,12 'would':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4689891"
+editedAt: null
+createdAt: DateTimeImmutable @1699630241 {#1560
date: 2023-11-10 16:30:41.0 +01:00
}
+"title": 107899
}
]
-id: 11766
-titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
-bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1699715739
+visibility: "visible "
+apId: "https://lemmy.ml/post/7770730"
+editedAt: null
+createdAt: DateTimeImmutable @1699629339 {#1697
date: 2023-11-10 16:15:39.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: null
+root: null
+body: "What @StarkZarn said is correct. Just one more thing: Did you reload/restart the sshd service after changing the configuration? If so you should be good."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699706825 {#1433
date: 2023-11-11 13:47:05.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@StarkZarn"
"@cyberwolfie@lemmy.ml"
]
+children: Doctrine\ORM\PersistentCollection {#1579 …}
+nested: Doctrine\ORM\PersistentCollection {#1577 …}
+votes: Doctrine\ORM\PersistentCollection {#1578 …}
+reports: Doctrine\ORM\PersistentCollection {#1571 …}
+favourites: Doctrine\ORM\PersistentCollection {#1574 …}
+notifications: Doctrine\ORM\PersistentCollection {#1667 …}
-id: 107881
-bodyTs: "'chang':17 'configur':19 'correct':5 'good':25 'one':7 'reload/restart':12 'said':3 'servic':15 'sshd':14 'starkzarn':2 'thing':9"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4689737"
+editedAt: null
+createdAt: DateTimeImmutable @1699630012 {#1430
date: 2023-11-10 16:26:52.0 +01:00
}
+"title": 107881
} |
|
Show voter details
|
| 13 |
DENIED
|
ROLE_USER
|
null |
|
Show voter details
|
| 14 |
DENIED
|
moderate
|
App\Entity\EntryComment {#1568
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591
+user: Proxies\__CG__\App\Entity\User {#2385 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1385 …}
+slug: "Have-I-successfully-blocked-ssh-logins-to-root"
+title: "Have I successfully blocked ssh logins to root?"
+url: null
+body: """
I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
\n
What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
\n
Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 20
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699784052 {#1721
date: 2023-11-12 11:14:12.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1405 …}
+votes: Doctrine\ORM\PersistentCollection {#1383 …}
+reports: Doctrine\ORM\PersistentCollection {#2393 …}
+favourites: Doctrine\ORM\PersistentCollection {#2036 …}
+notifications: Doctrine\ORM\PersistentCollection {#2013 …}
+badges: Doctrine\ORM\PersistentCollection {#2096 …}
+children: [
1 => App\Entity\EntryComment {#1554
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: Proxies\__CG__\App\Entity\EntryComment {#1565 …}
+root: Proxies\__CG__\App\Entity\EntryComment {#1686 …}
+body: """
It’s a mixed bag. Personally I wouldn’t use a non-standard port.\n
\n
Consider that port numbers under 1024 are [Privileged Ports](https://www.w3.org/Daemon/User/Installation/PrivilegedPorts.html). You would either have to make sure that no other privileged service is running on the port you want to use for SSH when using another privileged port or you need to make sure that no unprivileged program tries to use the same port as your SSH service when using a non-privileged. Overall it adds a bit of overhead and possible headaches for barely any gain.\n
\n
Fail2ban *should* work with a different port without any further configuration but it might not.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1699631376 {#1557
date: 2023-11-10 16:49:36.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@cyberwolfie@lemmy.ml"
"@starkzarn@infosec.pub"
"@siph@feddit.de"
]
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1566 …}
+votes: Doctrine\ORM\PersistentCollection {#1548 …}
+reports: Doctrine\ORM\PersistentCollection {#1550 …}
+favourites: Doctrine\ORM\PersistentCollection {#1525 …}
+notifications: Doctrine\ORM\PersistentCollection {#1527 …}
-id: 107970
-bodyTs: "'/daemon/user/installation/privilegedports.html).':27 '1024':21 'add':84 'anoth':53 'bag':5 'bare':93 'bit':86 'configur':106 'consid':16 'differ':101 'either':30 'fail2ban':96 'gain':95 'headach':91 'make':33,60 'might':109 'mix':4 'need':58 'non':13,80 'non-privileg':79 'non-standard':12 'number':19 'overal':82 'overhead':88 'person':6 'port':15,18,24,44,55,71,102 'possibl':90 'privileg':23,38,54,81 'program':65 'run':41 'servic':39,75 'ssh':50,74 'standard':14 'sure':34,61 'tri':66 'unprivileg':64 'use':10,48,52,68,77 'want':46 'without':103 'work':98 'would':29 'wouldn':8 'www.w3.org':26 'www.w3.org/daemon/user/installation/privilegedports.html).':25"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4690495"
+editedAt: DateTimeImmutable @1699708626 {#1556
date: 2023-11-11 14:17:06.0 +01:00
}
+createdAt: DateTimeImmutable @1699631376 {#1558
date: 2023-11-10 16:49:36.0 +01:00
}
+"title": 107970
}
2 => App\Entity\EntryComment {#1695
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: null
+root: null
+body: "What @StarkZarn said is correct. Just one more thing: Did you reload/restart the sshd service after changing the configuration? If so you should be good."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699706825 {#1433
date: 2023-11-11 13:47:05.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@StarkZarn"
"@cyberwolfie@lemmy.ml"
]
+children: Doctrine\ORM\PersistentCollection {#1579 …}
+nested: Doctrine\ORM\PersistentCollection {#1577 …}
+votes: Doctrine\ORM\PersistentCollection {#1578 …}
+reports: Doctrine\ORM\PersistentCollection {#1571 …}
+favourites: Doctrine\ORM\PersistentCollection {#1574 …}
+notifications: Doctrine\ORM\PersistentCollection {#1667 …}
-id: 107881
-bodyTs: "'chang':17 'configur':19 'correct':5 'good':25 'one':7 'reload/restart':12 'said':3 'servic':15 'sshd':14 'starkzarn':2 'thing':9"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4689737"
+editedAt: null
+createdAt: DateTimeImmutable @1699630012 {#1430
date: 2023-11-10 16:26:52.0 +01:00
}
+"title": 107881
}
0 => App\Entity\EntryComment {#1568}
]
-id: 11766
-titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
-bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1699715739
+visibility: "visible "
+apId: "https://lemmy.ml/post/7770730"
+editedAt: null
+createdAt: DateTimeImmutable @1699629339 {#1697
date: 2023-11-10 16:15:39.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: Proxies\__CG__\App\Entity\EntryComment {#1691 …}
+root: Proxies\__CG__\App\Entity\EntryComment {#1686 …}
+body: "You would need to specify the new port when using ssh (using the -p$PORT option). Just keep in mind that security through obscurity is not considered secure in itself. You could instead consider a service like fail2ban that automatically blocks connections from certain sources depending on your set parameters."
+lang: "en"
+isAdult: false
+favouriteCount: 10
+score: 0
+lastActive: DateTime @1699630241 {#1673
date: 2023-11-10 16:30:41.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@cyberwolfie@lemmy.ml"
"@starkzarn@infosec.pub"
]
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1683 …}
+votes: Doctrine\ORM\PersistentCollection {#1702 …}
+reports: Doctrine\ORM\PersistentCollection {#1596 …}
+favourites: Doctrine\ORM\PersistentCollection {#1613 …}
+notifications: Doctrine\ORM\PersistentCollection {#1621 …}
-id: 107899
-bodyTs: "'automat':40 'block':41 'certain':44 'connect':42 'consid':27,34 'could':32 'depend':46 'fail2ban':38 'instead':33 'keep':18 'like':37 'mind':20 'need':3 'new':7 'obscur':24 'option':16 'p':14 'paramet':50 'port':8,15 'secur':22,28 'servic':36 'set':49 'sourc':45 'specifi':5 'ssh':11 'use':10,12 'would':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4689891"
+editedAt: null
+createdAt: DateTimeImmutable @1699630241 {#1560
date: 2023-11-10 16:30:41.0 +01:00
}
+"title": 107899
} |
|
Show voter details
|
| 15 |
DENIED
|
edit
|
App\Entity\EntryComment {#1568
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591
+user: Proxies\__CG__\App\Entity\User {#2385 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1385 …}
+slug: "Have-I-successfully-blocked-ssh-logins-to-root"
+title: "Have I successfully blocked ssh logins to root?"
+url: null
+body: """
I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
\n
What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
\n
Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 20
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699784052 {#1721
date: 2023-11-12 11:14:12.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1405 …}
+votes: Doctrine\ORM\PersistentCollection {#1383 …}
+reports: Doctrine\ORM\PersistentCollection {#2393 …}
+favourites: Doctrine\ORM\PersistentCollection {#2036 …}
+notifications: Doctrine\ORM\PersistentCollection {#2013 …}
+badges: Doctrine\ORM\PersistentCollection {#2096 …}
+children: [
1 => App\Entity\EntryComment {#1554
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: Proxies\__CG__\App\Entity\EntryComment {#1565 …}
+root: Proxies\__CG__\App\Entity\EntryComment {#1686 …}
+body: """
It’s a mixed bag. Personally I wouldn’t use a non-standard port.\n
\n
Consider that port numbers under 1024 are [Privileged Ports](https://www.w3.org/Daemon/User/Installation/PrivilegedPorts.html). You would either have to make sure that no other privileged service is running on the port you want to use for SSH when using another privileged port or you need to make sure that no unprivileged program tries to use the same port as your SSH service when using a non-privileged. Overall it adds a bit of overhead and possible headaches for barely any gain.\n
\n
Fail2ban *should* work with a different port without any further configuration but it might not.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1699631376 {#1557
date: 2023-11-10 16:49:36.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@cyberwolfie@lemmy.ml"
"@starkzarn@infosec.pub"
"@siph@feddit.de"
]
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1566 …}
+votes: Doctrine\ORM\PersistentCollection {#1548 …}
+reports: Doctrine\ORM\PersistentCollection {#1550 …}
+favourites: Doctrine\ORM\PersistentCollection {#1525 …}
+notifications: Doctrine\ORM\PersistentCollection {#1527 …}
-id: 107970
-bodyTs: "'/daemon/user/installation/privilegedports.html).':27 '1024':21 'add':84 'anoth':53 'bag':5 'bare':93 'bit':86 'configur':106 'consid':16 'differ':101 'either':30 'fail2ban':96 'gain':95 'headach':91 'make':33,60 'might':109 'mix':4 'need':58 'non':13,80 'non-privileg':79 'non-standard':12 'number':19 'overal':82 'overhead':88 'person':6 'port':15,18,24,44,55,71,102 'possibl':90 'privileg':23,38,54,81 'program':65 'run':41 'servic':39,75 'ssh':50,74 'standard':14 'sure':34,61 'tri':66 'unprivileg':64 'use':10,48,52,68,77 'want':46 'without':103 'work':98 'would':29 'wouldn':8 'www.w3.org':26 'www.w3.org/daemon/user/installation/privilegedports.html).':25"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4690495"
+editedAt: DateTimeImmutable @1699708626 {#1556
date: 2023-11-11 14:17:06.0 +01:00
}
+createdAt: DateTimeImmutable @1699631376 {#1558
date: 2023-11-10 16:49:36.0 +01:00
}
+"title": 107970
}
2 => App\Entity\EntryComment {#1695
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: null
+root: null
+body: "What @StarkZarn said is correct. Just one more thing: Did you reload/restart the sshd service after changing the configuration? If so you should be good."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699706825 {#1433
date: 2023-11-11 13:47:05.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@StarkZarn"
"@cyberwolfie@lemmy.ml"
]
+children: Doctrine\ORM\PersistentCollection {#1579 …}
+nested: Doctrine\ORM\PersistentCollection {#1577 …}
+votes: Doctrine\ORM\PersistentCollection {#1578 …}
+reports: Doctrine\ORM\PersistentCollection {#1571 …}
+favourites: Doctrine\ORM\PersistentCollection {#1574 …}
+notifications: Doctrine\ORM\PersistentCollection {#1667 …}
-id: 107881
-bodyTs: "'chang':17 'configur':19 'correct':5 'good':25 'one':7 'reload/restart':12 'said':3 'servic':15 'sshd':14 'starkzarn':2 'thing':9"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4689737"
+editedAt: null
+createdAt: DateTimeImmutable @1699630012 {#1430
date: 2023-11-10 16:26:52.0 +01:00
}
+"title": 107881
}
0 => App\Entity\EntryComment {#1568}
]
-id: 11766
-titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
-bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1699715739
+visibility: "visible "
+apId: "https://lemmy.ml/post/7770730"
+editedAt: null
+createdAt: DateTimeImmutable @1699629339 {#1697
date: 2023-11-10 16:15:39.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: Proxies\__CG__\App\Entity\EntryComment {#1691 …}
+root: Proxies\__CG__\App\Entity\EntryComment {#1686 …}
+body: "You would need to specify the new port when using ssh (using the -p$PORT option). Just keep in mind that security through obscurity is not considered secure in itself. You could instead consider a service like fail2ban that automatically blocks connections from certain sources depending on your set parameters."
+lang: "en"
+isAdult: false
+favouriteCount: 10
+score: 0
+lastActive: DateTime @1699630241 {#1673
date: 2023-11-10 16:30:41.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@cyberwolfie@lemmy.ml"
"@starkzarn@infosec.pub"
]
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1683 …}
+votes: Doctrine\ORM\PersistentCollection {#1702 …}
+reports: Doctrine\ORM\PersistentCollection {#1596 …}
+favourites: Doctrine\ORM\PersistentCollection {#1613 …}
+notifications: Doctrine\ORM\PersistentCollection {#1621 …}
-id: 107899
-bodyTs: "'automat':40 'block':41 'certain':44 'connect':42 'consid':27,34 'could':32 'depend':46 'fail2ban':38 'instead':33 'keep':18 'like':37 'mind':20 'need':3 'new':7 'obscur':24 'option':16 'p':14 'paramet':50 'port':8,15 'secur':22,28 'servic':36 'set':49 'sourc':45 'specifi':5 'ssh':11 'use':10,12 'would':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4689891"
+editedAt: null
+createdAt: DateTimeImmutable @1699630241 {#1560
date: 2023-11-10 16:30:41.0 +01:00
}
+"title": 107899
} |
|
Show voter details
|
| 16 |
DENIED
|
moderate
|
App\Entity\EntryComment {#1568
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591
+user: Proxies\__CG__\App\Entity\User {#2385 …}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+domain: Proxies\__CG__\App\Entity\Domain {#1385 …}
+slug: "Have-I-successfully-blocked-ssh-logins-to-root"
+title: "Have I successfully blocked ssh logins to root?"
+url: null
+body: """
I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
\n
What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
\n
Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
"""
+type: "article"
+lang: "en"
+isOc: false
+hasEmbed: false
+commentCount: 20
+favouriteCount: 36
+score: 0
+isAdult: false
+sticky: false
+lastActive: DateTime @1699784052 {#1721
date: 2023-11-12 11:14:12.0 +01:00
}
+ip: null
+adaAmount: 0
+tags: null
+mentions: null
+comments: Doctrine\ORM\PersistentCollection {#1405 …}
+votes: Doctrine\ORM\PersistentCollection {#1383 …}
+reports: Doctrine\ORM\PersistentCollection {#2393 …}
+favourites: Doctrine\ORM\PersistentCollection {#2036 …}
+notifications: Doctrine\ORM\PersistentCollection {#2013 …}
+badges: Doctrine\ORM\PersistentCollection {#2096 …}
+children: [
1 => App\Entity\EntryComment {#1554
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: Proxies\__CG__\App\Entity\EntryComment {#1565 …}
+root: Proxies\__CG__\App\Entity\EntryComment {#1686 …}
+body: """
It’s a mixed bag. Personally I wouldn’t use a non-standard port.\n
\n
Consider that port numbers under 1024 are [Privileged Ports](https://www.w3.org/Daemon/User/Installation/PrivilegedPorts.html). You would either have to make sure that no other privileged service is running on the port you want to use for SSH when using another privileged port or you need to make sure that no unprivileged program tries to use the same port as your SSH service when using a non-privileged. Overall it adds a bit of overhead and possible headaches for barely any gain.\n
\n
Fail2ban *should* work with a different port without any further configuration but it might not.
"""
+lang: "en"
+isAdult: false
+favouriteCount: 2
+score: 0
+lastActive: DateTime @1699631376 {#1557
date: 2023-11-10 16:49:36.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@cyberwolfie@lemmy.ml"
"@starkzarn@infosec.pub"
"@siph@feddit.de"
]
+children: Doctrine\ORM\PersistentCollection {#1562 …}
+nested: Doctrine\ORM\PersistentCollection {#1566 …}
+votes: Doctrine\ORM\PersistentCollection {#1548 …}
+reports: Doctrine\ORM\PersistentCollection {#1550 …}
+favourites: Doctrine\ORM\PersistentCollection {#1525 …}
+notifications: Doctrine\ORM\PersistentCollection {#1527 …}
-id: 107970
-bodyTs: "'/daemon/user/installation/privilegedports.html).':27 '1024':21 'add':84 'anoth':53 'bag':5 'bare':93 'bit':86 'configur':106 'consid':16 'differ':101 'either':30 'fail2ban':96 'gain':95 'headach':91 'make':33,60 'might':109 'mix':4 'need':58 'non':13,80 'non-privileg':79 'non-standard':12 'number':19 'overal':82 'overhead':88 'person':6 'port':15,18,24,44,55,71,102 'possibl':90 'privileg':23,38,54,81 'program':65 'run':41 'servic':39,75 'ssh':50,74 'standard':14 'sure':34,61 'tri':66 'unprivileg':64 'use':10,48,52,68,77 'want':46 'without':103 'work':98 'would':29 'wouldn':8 'www.w3.org':26 'www.w3.org/daemon/user/installation/privilegedports.html).':25"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4690495"
+editedAt: DateTimeImmutable @1699708626 {#1556
date: 2023-11-11 14:17:06.0 +01:00
}
+createdAt: DateTimeImmutable @1699631376 {#1558
date: 2023-11-10 16:49:36.0 +01:00
}
+"title": 107970
}
2 => App\Entity\EntryComment {#1695
+user: App\Entity\User {#264 …}
+entry: Proxies\__CG__\App\Entity\Entry {#1591 …2}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: null
+root: null
+body: "What @StarkZarn said is correct. Just one more thing: Did you reload/restart the sshd service after changing the configuration? If so you should be good."
+lang: "en"
+isAdult: false
+favouriteCount: 1
+score: 0
+lastActive: DateTime @1699706825 {#1433
date: 2023-11-11 13:47:05.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@StarkZarn"
"@cyberwolfie@lemmy.ml"
]
+children: Doctrine\ORM\PersistentCollection {#1579 …}
+nested: Doctrine\ORM\PersistentCollection {#1577 …}
+votes: Doctrine\ORM\PersistentCollection {#1578 …}
+reports: Doctrine\ORM\PersistentCollection {#1571 …}
+favourites: Doctrine\ORM\PersistentCollection {#1574 …}
+notifications: Doctrine\ORM\PersistentCollection {#1667 …}
-id: 107881
-bodyTs: "'chang':17 'configur':19 'correct':5 'good':25 'one':7 'reload/restart':12 'said':3 'servic':15 'sshd':14 'starkzarn':2 'thing':9"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4689737"
+editedAt: null
+createdAt: DateTimeImmutable @1699630012 {#1430
date: 2023-11-10 16:26:52.0 +01:00
}
+"title": 107881
}
0 => App\Entity\EntryComment {#1568}
]
-id: 11766
-titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
-bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
+cross: false
+upVotes: 0
+downVotes: 0
+ranking: 1699715739
+visibility: "visible "
+apId: "https://lemmy.ml/post/7770730"
+editedAt: null
+createdAt: DateTimeImmutable @1699629339 {#1697
date: 2023-11-10 16:15:39.0 +01:00
}
+__isInitialized__: true
…2
}
+magazine: Proxies\__CG__\App\Entity\Magazine {#1584 …}
+image: null
+parent: Proxies\__CG__\App\Entity\EntryComment {#1691 …}
+root: Proxies\__CG__\App\Entity\EntryComment {#1686 …}
+body: "You would need to specify the new port when using ssh (using the -p$PORT option). Just keep in mind that security through obscurity is not considered secure in itself. You could instead consider a service like fail2ban that automatically blocks connections from certain sources depending on your set parameters."
+lang: "en"
+isAdult: false
+favouriteCount: 10
+score: 0
+lastActive: DateTime @1699630241 {#1673
date: 2023-11-10 16:30:41.0 +01:00
}
+ip: null
+tags: null
+mentions: [
"@cyberwolfie@lemmy.ml"
"@starkzarn@infosec.pub"
]
+children: Doctrine\ORM\PersistentCollection {#1680 …}
+nested: Doctrine\ORM\PersistentCollection {#1683 …}
+votes: Doctrine\ORM\PersistentCollection {#1702 …}
+reports: Doctrine\ORM\PersistentCollection {#1596 …}
+favourites: Doctrine\ORM\PersistentCollection {#1613 …}
+notifications: Doctrine\ORM\PersistentCollection {#1621 …}
-id: 107899
-bodyTs: "'automat':40 'block':41 'certain':44 'connect':42 'consid':27,34 'could':32 'depend':46 'fail2ban':38 'instead':33 'keep':18 'like':37 'mind':20 'need':3 'new':7 'obscur':24 'option':16 'p':14 'paramet':50 'port':8,15 'secur':22,28 'servic':36 'set':49 'sourc':45 'specifi':5 'ssh':11 'use':10,12 'would':2"
+ranking: 0
+commentCount: 0
+upVotes: 0
+downVotes: 0
+visibility: "visible "
+apId: "https://feddit.de/comment/4689891"
+editedAt: null
+createdAt: DateTimeImmutable @1699630241 {#1560
date: 2023-11-10 16:30:41.0 +01:00
}
+"title": 107899
} |
|
Show voter details
|
| 17 |
DENIED
|
ROLE_ADMIN
|
null |
|
Show voter details
|
| 18 |
DENIED
|
ROLE_MODERATOR
|
null |
|
Show voter details
|