Symfony Profiler

Security

Token

There is no security token.

Firewall

main Name

Security enabled

Stateless

Configuration

Key	Value
provider	security.user.provider.concrete.app_user_provider
context	main
entry_point	App\Security\KbinAuthenticator
user_checker	App\Security\UserChecker
access_denied_handler	(none)
access_denied_url	(none)
authenticators	[`"two_factor" "remember_me" "App\Security\KbinAuthenticator" "App\Security\FacebookAuthenticator" "App\Security\GoogleAuthenticator" "App\Security\GithubAuthenticator" "App\Security\KeycloakAuthenticator"`]

Listeners

Listener	Duration	Response
Symfony\Component\Security\Http\Firewall\ChannelListener {#723`-map: Symfony\Component\Security\Http\AccessMap {#722 …} -logger: Monolog\Logger {#783 …} -httpPort: 80 -httpsPort: 443`}	0.00 ms	(none)
Symfony\Component\Security\Http\Firewall\ContextListener {#706-tokenStorage: Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage {#1017 …} -sessionKey: "_security_main" -logger: Monolog\Logger {#783 …} -userProviders: Symfony\Component\DependencyInjection\Argument\RewindableGenerator {#705 …} -dispatcher: Symfony\Component\EventDispatcher\Debug\TraceableEventDispatcher {#747 …} -registered: false -trustResolver: Scheb\TwoFactorBundle\Security\Authentication\AuthenticationTrustResolver {#780 …} -sessionTrackerEnabler: Symfony\Component\Security\Core\Authentication\Token\Storage\UsageTrackingTokenStorage::enableUsageTracking(): void {#703 …}}	0.78 ms	(none)
Symfony\Component\Security\Http\Firewall\AuthenticatorManagerListener {#584`-authenticatorManager: Symfony\Component\Security\Http\Authentication\AuthenticatorManager {#595 …}`}	0.00 ms	(none)
Scheb\TwoFactorBundle\Security\Http\Firewall\TwoFactorAccessListener {#582`-twoFactorFirewallConfig: Scheb\TwoFactorBundle\Security\TwoFactor\TwoFactorFirewallConfig {#842 …} -tokenStorage: Symfony\Component\Security\Core\Authentication\Token\Storage\UsageTrackingTokenStorage {#1018 …} -twoFactorAccessDecider: Scheb\TwoFactorBundle\Security\Authorization\TwoFactorAccessDecider {#581 …}`}	0.04 ms	(none)
Symfony\Component\Security\Http\Firewall\AccessListener {#579`-tokenStorage: Symfony\Component\Security\Core\Authentication\Token\Storage\UsageTrackingTokenStorage {#1018 …} -accessDecisionManager: Symfony\Component\Security\Core\Authorization\TraceableAccessDecisionManager {#937 …} -map: Symfony\Component\Security\Http\AccessMap {#722 …}`}	0.00 ms	(none)
Symfony\Component\Security\Http\Firewall\LogoutListener {#786`-tokenStorage: Symfony\Component\Security\Core\Authentication\Token\Storage\UsageTrackingTokenStorage {#1018 …} -options: [ "csrf_parameter" => "_csrf_token" "csrf_token_id" => "logout" "logout_path" => "app_logout" ] -httpUtils: Symfony\Component\Security\Http\HttpUtils {#841 …} -csrfTokenManager: Symfony\Component\Security\Csrf\CsrfTokenManager {#1015 …} -eventDispatcher: Symfony\Component\EventDispatcher\Debug\TraceableEventDispatcher {#747 …}`}	0.00 ms	(none)

Authenticators

No authenticators have been recorded. Check previous profiles on your authentication endpoint.

Access Decision

affirmative Strategy


"Symfony\Component\Security\Core\Authorization\Voter\AuthenticatedVoter"
"Scheb\TwoFactorBundle\Security\Authorization\Voter\TwoFactorInProgressVoter"
"Symfony\Component\Security\Core\Authorization\Voter\RoleHierarchyVoter"
"Symfony\Component\Security\Core\Authorization\Voter\ExpressionVoter"
"App\Security\Voter\EntryCommentVoter"
"App\Security\Voter\EntryVoter"
"App\Security\Voter\MagazineVoter"
"App\Security\Voter\MessageThreadVoter"
"App\Security\Voter\MessageVoter"
"App\Security\Voter\NotificationVoter"
"App\Security\Voter\OAuth2UserConsentVoter"
"App\Security\Voter\PostCommentVoter"
"App\Security\Voter\PostVoter"
"App\Security\Voter\UserVoter"

#	Voter class
1	"Symfony\Component\Security\Core\Authorization\Voter\AuthenticatedVoter"
2	"Scheb\TwoFactorBundle\Security\Authorization\Voter\TwoFactorInProgressVoter"
3	"Symfony\Component\Security\Core\Authorization\Voter\RoleHierarchyVoter"
4	"Symfony\Component\Security\Core\Authorization\Voter\ExpressionVoter"
5	"App\Security\Voter\EntryCommentVoter"
6	"App\Security\Voter\EntryVoter"
7	"App\Security\Voter\MagazineVoter"
8	"App\Security\Voter\MessageThreadVoter"
9	"App\Security\Voter\MessageVoter"
10	"App\Security\Voter\NotificationVoter"
11	"App\Security\Voter\OAuth2UserConsentVoter"
12	"App\Security\Voter\PostCommentVoter"
13	"App\Security\Voter\PostVoter"
14	"App\Security\Voter\UserVoter"

Access decision log


null
"App\Security\Voter\UserVoter"
App\Entity\Entry {#2419
  +user: Proxies\__CG__\App\Entity\User {#1970 …}
  +magazine: App\Entity\Magazine {#265
    +icon: Proxies\__CG__\App\Entity\Image {#246 …}
    +name: "linux@lemmy.ml"
    +title: "linux"
    +description: """
      From Wikipedia, the free encyclopedia\n
      \n
      Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
      \n
      Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
      \n
      ### Rules\n
      \n
      - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
      - No misinformation\n
      - No NSFW content\n
      - No hate speech, bigotry, etc\n
      \n
      ### Related Communities\n
      \n
      - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
      - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
      - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
      - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
      \n
      Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
      """
    +rules: null
    +subscriptionsCount: 1
    +entryCount: 1406
    +entryCommentCount: 28632
    +postCount: 6
    +postCommentCount: 214
    +isAdult: false
    +customCss: null
    +lastActive: DateTime @1729583542 {#275
      date: 2024-10-22 09:52:22.0 +02:00
    }
    +markedForDeletionAt: null
    +tags: null
    +moderators: Doctrine\ORM\PersistentCollection {#237 …}
    +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
    +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
    +entries: Doctrine\ORM\PersistentCollection {#180 …}
    +posts: Doctrine\ORM\PersistentCollection {#138 …}
    +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
    +bans: Doctrine\ORM\PersistentCollection {#117 …}
    +reports: Doctrine\ORM\PersistentCollection {#103 …}
    +badges: Doctrine\ORM\PersistentCollection {#81 …}
    +logs: Doctrine\ORM\PersistentCollection {#71 …}
    +awards: Doctrine\ORM\PersistentCollection {#1346 …}
    +categories: Doctrine\ORM\PersistentCollection {#1823 …}
    -id: 73
    +apId: "linux@lemmy.ml"
    +apProfileId: "https://lemmy.ml/c/linux"
    +apPublicUrl: "https://lemmy.ml/c/linux"
    +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
    +apInboxUrl: "https://lemmy.ml/inbox"
    +apDomain: "lemmy.ml"
    +apPreferredUsername: "linux"
    +apDiscoverable: true
    +apManuallyApprovesFollowers: null
    +privateKey: null
    +publicKey: null
    +apFetchedAt: DateTime @1729583596 {#269
      date: 2024-10-22 09:53:16.0 +02:00
    }
    +apDeletedAt: null
    +apTimeoutAt: null
    +visibility: "visible             "
    +createdAt: DateTimeImmutable @1698929468 {#271
      date: 2023-11-02 13:51:08.0 +01:00
    }
  }
  +image: null
  +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
  +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
  +title: "Have I successfully blocked ssh logins to root?"
  +url: null
  +body: """
    I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
    \n
    What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
    \n
    Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
    """
  +type: "article"
  +lang: "en"
  +isOc: false
  +hasEmbed: false
  +commentCount: 20
  +favouriteCount: 36
  +score: 0
  +isAdult: false
  +sticky: false
  +lastActive: DateTime @1699784052 {#2414
    date: 2023-11-12 11:14:12.0 +01:00
  }
  +ip: null
  +adaAmount: 0
  +tags: null
  +mentions: null
  +comments: Doctrine\ORM\PersistentCollection {#1884 …}
  +votes: Doctrine\ORM\PersistentCollection {#1973 …}
  +reports: Doctrine\ORM\PersistentCollection {#1959 …}
  +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
  +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
  +badges: Doctrine\ORM\PersistentCollection {#2440 …}
  +children: []
  -id: 11766
  -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
  -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
  +cross: false
  +upVotes: 0
  +downVotes: 0
  +ranking: 1699715739
  +visibility: "visible             "
  +apId: "https://lemmy.ml/post/7770730"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699629339 {#1793
    date: 2023-11-10 16:15:39.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\Entry {#2419
  +user: Proxies\__CG__\App\Entity\User {#1970 …}
  +magazine: App\Entity\Magazine {#265
    +icon: Proxies\__CG__\App\Entity\Image {#246 …}
    +name: "linux@lemmy.ml"
    +title: "linux"
    +description: """
      From Wikipedia, the free encyclopedia\n
      \n
      Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
      \n
      Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
      \n
      ### Rules\n
      \n
      - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
      - No misinformation\n
      - No NSFW content\n
      - No hate speech, bigotry, etc\n
      \n
      ### Related Communities\n
      \n
      - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
      - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
      - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
      - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
      \n
      Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
      """
    +rules: null
    +subscriptionsCount: 1
    +entryCount: 1406
    +entryCommentCount: 28632
    +postCount: 6
    +postCommentCount: 214
    +isAdult: false
    +customCss: null
    +lastActive: DateTime @1729583542 {#275
      date: 2024-10-22 09:52:22.0 +02:00
    }
    +markedForDeletionAt: null
    +tags: null
    +moderators: Doctrine\ORM\PersistentCollection {#237 …}
    +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
    +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
    +entries: Doctrine\ORM\PersistentCollection {#180 …}
    +posts: Doctrine\ORM\PersistentCollection {#138 …}
    +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
    +bans: Doctrine\ORM\PersistentCollection {#117 …}
    +reports: Doctrine\ORM\PersistentCollection {#103 …}
    +badges: Doctrine\ORM\PersistentCollection {#81 …}
    +logs: Doctrine\ORM\PersistentCollection {#71 …}
    +awards: Doctrine\ORM\PersistentCollection {#1346 …}
    +categories: Doctrine\ORM\PersistentCollection {#1823 …}
    -id: 73
    +apId: "linux@lemmy.ml"
    +apProfileId: "https://lemmy.ml/c/linux"
    +apPublicUrl: "https://lemmy.ml/c/linux"
    +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
    +apInboxUrl: "https://lemmy.ml/inbox"
    +apDomain: "lemmy.ml"
    +apPreferredUsername: "linux"
    +apDiscoverable: true
    +apManuallyApprovesFollowers: null
    +privateKey: null
    +publicKey: null
    +apFetchedAt: DateTime @1729583596 {#269
      date: 2024-10-22 09:53:16.0 +02:00
    }
    +apDeletedAt: null
    +apTimeoutAt: null
    +visibility: "visible             "
    +createdAt: DateTimeImmutable @1698929468 {#271
      date: 2023-11-02 13:51:08.0 +01:00
    }
  }
  +image: null
  +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
  +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
  +title: "Have I successfully blocked ssh logins to root?"
  +url: null
  +body: """
    I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
    \n
    What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
    \n
    Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
    """
  +type: "article"
  +lang: "en"
  +isOc: false
  +hasEmbed: false
  +commentCount: 20
  +favouriteCount: 36
  +score: 0
  +isAdult: false
  +sticky: false
  +lastActive: DateTime @1699784052 {#2414
    date: 2023-11-12 11:14:12.0 +01:00
  }
  +ip: null
  +adaAmount: 0
  +tags: null
  +mentions: null
  +comments: Doctrine\ORM\PersistentCollection {#1884 …}
  +votes: Doctrine\ORM\PersistentCollection {#1973 …}
  +reports: Doctrine\ORM\PersistentCollection {#1959 …}
  +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
  +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
  +badges: Doctrine\ORM\PersistentCollection {#2440 …}
  +children: []
  -id: 11766
  -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
  -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
  +cross: false
  +upVotes: 0
  +downVotes: 0
  +ranking: 1699715739
  +visibility: "visible             "
  +apId: "https://lemmy.ml/post/7770730"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699629339 {#1793
    date: 2023-11-10 16:15:39.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\Entry {#2419
  +user: Proxies\__CG__\App\Entity\User {#1970 …}
  +magazine: App\Entity\Magazine {#265
    +icon: Proxies\__CG__\App\Entity\Image {#246 …}
    +name: "linux@lemmy.ml"
    +title: "linux"
    +description: """
      From Wikipedia, the free encyclopedia\n
      \n
      Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
      \n
      Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
      \n
      ### Rules\n
      \n
      - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
      - No misinformation\n
      - No NSFW content\n
      - No hate speech, bigotry, etc\n
      \n
      ### Related Communities\n
      \n
      - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
      - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
      - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
      - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
      \n
      Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
      """
    +rules: null
    +subscriptionsCount: 1
    +entryCount: 1406
    +entryCommentCount: 28632
    +postCount: 6
    +postCommentCount: 214
    +isAdult: false
    +customCss: null
    +lastActive: DateTime @1729583542 {#275
      date: 2024-10-22 09:52:22.0 +02:00
    }
    +markedForDeletionAt: null
    +tags: null
    +moderators: Doctrine\ORM\PersistentCollection {#237 …}
    +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
    +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
    +entries: Doctrine\ORM\PersistentCollection {#180 …}
    +posts: Doctrine\ORM\PersistentCollection {#138 …}
    +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
    +bans: Doctrine\ORM\PersistentCollection {#117 …}
    +reports: Doctrine\ORM\PersistentCollection {#103 …}
    +badges: Doctrine\ORM\PersistentCollection {#81 …}
    +logs: Doctrine\ORM\PersistentCollection {#71 …}
    +awards: Doctrine\ORM\PersistentCollection {#1346 …}
    +categories: Doctrine\ORM\PersistentCollection {#1823 …}
    -id: 73
    +apId: "linux@lemmy.ml"
    +apProfileId: "https://lemmy.ml/c/linux"
    +apPublicUrl: "https://lemmy.ml/c/linux"
    +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
    +apInboxUrl: "https://lemmy.ml/inbox"
    +apDomain: "lemmy.ml"
    +apPreferredUsername: "linux"
    +apDiscoverable: true
    +apManuallyApprovesFollowers: null
    +privateKey: null
    +publicKey: null
    +apFetchedAt: DateTime @1729583596 {#269
      date: 2024-10-22 09:53:16.0 +02:00
    }
    +apDeletedAt: null
    +apTimeoutAt: null
    +visibility: "visible             "
    +createdAt: DateTimeImmutable @1698929468 {#271
      date: 2023-11-02 13:51:08.0 +01:00
    }
  }
  +image: null
  +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
  +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
  +title: "Have I successfully blocked ssh logins to root?"
  +url: null
  +body: """
    I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
    \n
    What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
    \n
    Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
    """
  +type: "article"
  +lang: "en"
  +isOc: false
  +hasEmbed: false
  +commentCount: 20
  +favouriteCount: 36
  +score: 0
  +isAdult: false
  +sticky: false
  +lastActive: DateTime @1699784052 {#2414
    date: 2023-11-12 11:14:12.0 +01:00
  }
  +ip: null
  +adaAmount: 0
  +tags: null
  +mentions: null
  +comments: Doctrine\ORM\PersistentCollection {#1884 …}
  +votes: Doctrine\ORM\PersistentCollection {#1973 …}
  +reports: Doctrine\ORM\PersistentCollection {#1959 …}
  +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
  +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
  +badges: Doctrine\ORM\PersistentCollection {#2440 …}
  +children: []
  -id: 11766
  -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
  -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
  +cross: false
  +upVotes: 0
  +downVotes: 0
  +ranking: 1699715739
  +visibility: "visible             "
  +apId: "https://lemmy.ml/post/7770730"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699629339 {#1793
    date: 2023-11-10 16:15:39.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
null
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4036
  +user: App\Entity\User {#3984 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: null
  +root: null
  +body: """
    Let us see, shall we?\n
    \n
    ```\n
    \n
    <span style="color:#323232;">ssh root@cyberwolfie.com\n
    </span><span style="color:#323232;">\n
    </span><span style="color:#323232;">❯ cowsay Uh-oh\n
    </span><span style="color:#323232;"> _______ \n
    </span><span style="color:#323232;">&lt; Uh-oh >\n
    </span><span style="color:#323232;"> ------- \n
    </span><span style="color:#323232;">           ^__^\n
    </span><span style="color:#323232;">           (oo)_______\n
    </span><span style="color:#323232;">            (__)       )/\n
    </span><span style="color:#323232;">                ||----w |\n
    </span><span style="color:#323232;">                ||     ||\n
    </span>\n
    ```\n
    \n
    ;)
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 13
  +score: 0
  +lastActive: DateTime @1699643250 {#4045
    date: 2023-11-10 20:07:30.0 +01:00
  }
  +ip: null
  +tags: [
    "323232"
  ]
  +mentions: [
    "@cyberwolfie@lemmy.ml"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4034 …}
  +nested: Doctrine\ORM\PersistentCollection {#4032 …}
  +votes: Doctrine\ORM\PersistentCollection {#4030 …}
  +reports: Doctrine\ORM\PersistentCollection {#4028 …}
  +favourites: Doctrine\ORM\PersistentCollection {#3996 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4000 …}
  -id: 108718
  -bodyTs: "'cowsay':8 'let':1 'oh':11,14 'oo':15 'root@cyberwolfie.com':7 'see':3 'shall':4 'ssh':6 'uh':10,13 'uh-oh':9,12 'us':2 'w':16"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.dbzer0.com/comment/4976734"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699643250 {#3981
    date: 2023-11-10 20:07:30.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4036
  +user: App\Entity\User {#3984 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: null
  +root: null
  +body: """
    Let us see, shall we?\n
    \n
    ```\n
    \n
    <span style="color:#323232;">ssh root@cyberwolfie.com\n
    </span><span style="color:#323232;">\n
    </span><span style="color:#323232;">❯ cowsay Uh-oh\n
    </span><span style="color:#323232;"> _______ \n
    </span><span style="color:#323232;">&lt; Uh-oh >\n
    </span><span style="color:#323232;"> ------- \n
    </span><span style="color:#323232;">           ^__^\n
    </span><span style="color:#323232;">           (oo)_______\n
    </span><span style="color:#323232;">            (__)       )/\n
    </span><span style="color:#323232;">                ||----w |\n
    </span><span style="color:#323232;">                ||     ||\n
    </span>\n
    ```\n
    \n
    ;)
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 13
  +score: 0
  +lastActive: DateTime @1699643250 {#4045
    date: 2023-11-10 20:07:30.0 +01:00
  }
  +ip: null
  +tags: [
    "323232"
  ]
  +mentions: [
    "@cyberwolfie@lemmy.ml"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4034 …}
  +nested: Doctrine\ORM\PersistentCollection {#4032 …}
  +votes: Doctrine\ORM\PersistentCollection {#4030 …}
  +reports: Doctrine\ORM\PersistentCollection {#4028 …}
  +favourites: Doctrine\ORM\PersistentCollection {#3996 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4000 …}
  -id: 108718
  -bodyTs: "'cowsay':8 'let':1 'oh':11,14 'oo':15 'root@cyberwolfie.com':7 'see':3 'shall':4 'ssh':6 'uh':10,13 'uh-oh':9,12 'us':2 'w':16"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.dbzer0.com/comment/4976734"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699643250 {#3981
    date: 2023-11-10 20:07:30.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4036
  +user: App\Entity\User {#3984 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: null
  +root: null
  +body: """
    Let us see, shall we?\n
    \n
    ```\n
    \n
    <span style="color:#323232;">ssh root@cyberwolfie.com\n
    </span><span style="color:#323232;">\n
    </span><span style="color:#323232;">❯ cowsay Uh-oh\n
    </span><span style="color:#323232;"> _______ \n
    </span><span style="color:#323232;">&lt; Uh-oh >\n
    </span><span style="color:#323232;"> ------- \n
    </span><span style="color:#323232;">           ^__^\n
    </span><span style="color:#323232;">           (oo)_______\n
    </span><span style="color:#323232;">            (__)       )/\n
    </span><span style="color:#323232;">                ||----w |\n
    </span><span style="color:#323232;">                ||     ||\n
    </span>\n
    ```\n
    \n
    ;)
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 13
  +score: 0
  +lastActive: DateTime @1699643250 {#4045
    date: 2023-11-10 20:07:30.0 +01:00
  }
  +ip: null
  +tags: [
    "323232"
  ]
  +mentions: [
    "@cyberwolfie@lemmy.ml"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4034 …}
  +nested: Doctrine\ORM\PersistentCollection {#4032 …}
  +votes: Doctrine\ORM\PersistentCollection {#4030 …}
  +reports: Doctrine\ORM\PersistentCollection {#4028 …}
  +favourites: Doctrine\ORM\PersistentCollection {#3996 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4000 …}
  -id: 108718
  -bodyTs: "'cowsay':8 'let':1 'oh':11,14 'oo':15 'root@cyberwolfie.com':7 'see':3 'shall':4 'ssh':6 'uh':10,13 'uh-oh':9,12 'us':2 'w':16"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.dbzer0.com/comment/4976734"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699643250 {#3981
    date: 2023-11-10 20:07:30.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
null
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4073
  +user: App\Entity\User {#4056 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: null
  +root: null
  +body: "Did you restart the server after you made the config change?"
  +lang: "en"
  +isAdult: false
  +favouriteCount: 6
  +score: 0
  +lastActive: DateTime @1699708296 {#4079
    date: 2023-11-11 14:11:36.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4071 …}
  +nested: Doctrine\ORM\PersistentCollection {#4069 …}
  +votes: Doctrine\ORM\PersistentCollection {#4067 …}
  +reports: Doctrine\ORM\PersistentCollection {#4064 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4060 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4058 …}
  -id: 107952
  -bodyTs: "'chang':11 'config':10 'made':8 'restart':3 'server':5"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ml/comment/5678701"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699631073 {#4077
    date: 2023-11-10 16:44:33.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4073
  +user: App\Entity\User {#4056 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: null
  +root: null
  +body: "Did you restart the server after you made the config change?"
  +lang: "en"
  +isAdult: false
  +favouriteCount: 6
  +score: 0
  +lastActive: DateTime @1699708296 {#4079
    date: 2023-11-11 14:11:36.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4071 …}
  +nested: Doctrine\ORM\PersistentCollection {#4069 …}
  +votes: Doctrine\ORM\PersistentCollection {#4067 …}
  +reports: Doctrine\ORM\PersistentCollection {#4064 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4060 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4058 …}
  -id: 107952
  -bodyTs: "'chang':11 'config':10 'made':8 'restart':3 'server':5"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ml/comment/5678701"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699631073 {#4077
    date: 2023-11-10 16:44:33.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4073
  +user: App\Entity\User {#4056 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: null
  +root: null
  +body: "Did you restart the server after you made the config change?"
  +lang: "en"
  +isAdult: false
  +favouriteCount: 6
  +score: 0
  +lastActive: DateTime @1699708296 {#4079
    date: 2023-11-11 14:11:36.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4071 …}
  +nested: Doctrine\ORM\PersistentCollection {#4069 …}
  +votes: Doctrine\ORM\PersistentCollection {#4067 …}
  +reports: Doctrine\ORM\PersistentCollection {#4064 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4060 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4058 …}
  -id: 107952
  -bodyTs: "'chang':11 'config':10 'made':8 'restart':3 'server':5"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ml/comment/5678701"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699631073 {#4077
    date: 2023-11-10 16:44:33.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
null
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4462
  +user: Proxies\__CG__\App\Entity\User {#1970 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4073
    +user: App\Entity\User {#4056 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: null
    +root: null
    +body: "Did you restart the server after you made the config change?"
    +lang: "en"
    +isAdult: false
    +favouriteCount: 6
    +score: 0
    +lastActive: DateTime @1699708296 {#4079
      date: 2023-11-11 14:11:36.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4071 …}
    +nested: Doctrine\ORM\PersistentCollection {#4069 …}
    +votes: Doctrine\ORM\PersistentCollection {#4067 …}
    +reports: Doctrine\ORM\PersistentCollection {#4064 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4060 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4058 …}
    -id: 107952
    -bodyTs: "'chang':11 'config':10 'made':8 'restart':3 'server':5"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://lemmy.ml/comment/5678701"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699631073 {#4077
      date: 2023-11-10 16:44:33.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4073}
  +body: "Yes."
  +lang: "en"
  +isAdult: false
  +favouriteCount: 4
  +score: 0
  +lastActive: DateTime @1699631140 {#4460
    date: 2023-11-10 16:45:40.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@authed@lemmy.ml"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4463 …}
  +nested: Doctrine\ORM\PersistentCollection {#4465 …}
  +votes: Doctrine\ORM\PersistentCollection {#4467 …}
  +reports: Doctrine\ORM\PersistentCollection {#4469 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4471 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4473 …}
  -id: 107958
  -bodyTs: "'yes':1"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ml/comment/5678736"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699631140 {#4461
    date: 2023-11-10 16:45:40.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4462
  +user: Proxies\__CG__\App\Entity\User {#1970 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4073
    +user: App\Entity\User {#4056 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: null
    +root: null
    +body: "Did you restart the server after you made the config change?"
    +lang: "en"
    +isAdult: false
    +favouriteCount: 6
    +score: 0
    +lastActive: DateTime @1699708296 {#4079
      date: 2023-11-11 14:11:36.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4071 …}
    +nested: Doctrine\ORM\PersistentCollection {#4069 …}
    +votes: Doctrine\ORM\PersistentCollection {#4067 …}
    +reports: Doctrine\ORM\PersistentCollection {#4064 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4060 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4058 …}
    -id: 107952
    -bodyTs: "'chang':11 'config':10 'made':8 'restart':3 'server':5"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://lemmy.ml/comment/5678701"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699631073 {#4077
      date: 2023-11-10 16:44:33.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4073}
  +body: "Yes."
  +lang: "en"
  +isAdult: false
  +favouriteCount: 4
  +score: 0
  +lastActive: DateTime @1699631140 {#4460
    date: 2023-11-10 16:45:40.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@authed@lemmy.ml"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4463 …}
  +nested: Doctrine\ORM\PersistentCollection {#4465 …}
  +votes: Doctrine\ORM\PersistentCollection {#4467 …}
  +reports: Doctrine\ORM\PersistentCollection {#4469 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4471 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4473 …}
  -id: 107958
  -bodyTs: "'yes':1"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ml/comment/5678736"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699631140 {#4461
    date: 2023-11-10 16:45:40.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4462
  +user: Proxies\__CG__\App\Entity\User {#1970 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4073
    +user: App\Entity\User {#4056 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: null
    +root: null
    +body: "Did you restart the server after you made the config change?"
    +lang: "en"
    +isAdult: false
    +favouriteCount: 6
    +score: 0
    +lastActive: DateTime @1699708296 {#4079
      date: 2023-11-11 14:11:36.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4071 …}
    +nested: Doctrine\ORM\PersistentCollection {#4069 …}
    +votes: Doctrine\ORM\PersistentCollection {#4067 …}
    +reports: Doctrine\ORM\PersistentCollection {#4064 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4060 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4058 …}
    -id: 107952
    -bodyTs: "'chang':11 'config':10 'made':8 'restart':3 'server':5"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://lemmy.ml/comment/5678701"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699631073 {#4077
      date: 2023-11-10 16:44:33.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4073}
  +body: "Yes."
  +lang: "en"
  +isAdult: false
  +favouriteCount: 4
  +score: 0
  +lastActive: DateTime @1699631140 {#4460
    date: 2023-11-10 16:45:40.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@authed@lemmy.ml"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4463 …}
  +nested: Doctrine\ORM\PersistentCollection {#4465 …}
  +votes: Doctrine\ORM\PersistentCollection {#4467 …}
  +reports: Doctrine\ORM\PersistentCollection {#4469 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4471 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4473 …}
  -id: 107958
  -bodyTs: "'yes':1"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ml/comment/5678736"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699631140 {#4461
    date: 2023-11-10 16:45:40.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
null
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4155
  +user: App\Entity\User {#4168 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: null
  +root: null
  +body: """
    Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
    \n
    If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
    \n
    Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.Btw: I wasn’t thinking clearly here. Out going connections won’t be using port 22, but the listening incoming port is always 22.
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 8
  +score: 0
  +lastActive: DateTime @1699912409 {#4149
    date: 2023-11-13 22:53:29.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4156 …}
  +nested: Doctrine\ORM\PersistentCollection {#4158 …}
  +votes: Doctrine\ORM\PersistentCollection {#4160 …}
  +reports: Doctrine\ORM\PersistentCollection {#4162 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4164 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4166 …}
  -id: 107892
  -bodyTs: "'22':62,81,100,108 'ad':12 'alway':107 'anoth':47,76 'attempt':41 'block':8 'clear':90 'config':19 'connect':34,67,74,94 'connections.btw':85 'even':24 'express':20 'fail2ban':50 'filter':13,22 'free':79 'go':93 'heavili':37 'hit':38,54 'host':57,71 'incom':104 'like':49 'listen':59,103 'login':10,23,40 'made':69 'match':18 'move':72 'network':32 'new':84 'normal':44 'open':31 'port':61,77,99,105 're':28 'repeat':53 'right':5 'root':9 'servic':48 'soon':64 'ssh':58 'stop':52 'think':89 'use':16,46,98 'wasn':87 'way':6 'won':95 'yes':1"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ca/comment/4739106"
  +editedAt: DateTimeImmutable @1699759751 {#4150
    date: 2023-11-12 04:29:11.0 +01:00
  }
  +createdAt: DateTimeImmutable @1699630135 {#4151
    date: 2023-11-10 16:28:55.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4155
  +user: App\Entity\User {#4168 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: null
  +root: null
  +body: """
    Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
    \n
    If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
    \n
    Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.Btw: I wasn’t thinking clearly here. Out going connections won’t be using port 22, but the listening incoming port is always 22.
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 8
  +score: 0
  +lastActive: DateTime @1699912409 {#4149
    date: 2023-11-13 22:53:29.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4156 …}
  +nested: Doctrine\ORM\PersistentCollection {#4158 …}
  +votes: Doctrine\ORM\PersistentCollection {#4160 …}
  +reports: Doctrine\ORM\PersistentCollection {#4162 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4164 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4166 …}
  -id: 107892
  -bodyTs: "'22':62,81,100,108 'ad':12 'alway':107 'anoth':47,76 'attempt':41 'block':8 'clear':90 'config':19 'connect':34,67,74,94 'connections.btw':85 'even':24 'express':20 'fail2ban':50 'filter':13,22 'free':79 'go':93 'heavili':37 'hit':38,54 'host':57,71 'incom':104 'like':49 'listen':59,103 'login':10,23,40 'made':69 'match':18 'move':72 'network':32 'new':84 'normal':44 'open':31 'port':61,77,99,105 're':28 'repeat':53 'right':5 'root':9 'servic':48 'soon':64 'ssh':58 'stop':52 'think':89 'use':16,46,98 'wasn':87 'way':6 'won':95 'yes':1"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ca/comment/4739106"
  +editedAt: DateTimeImmutable @1699759751 {#4150
    date: 2023-11-12 04:29:11.0 +01:00
  }
  +createdAt: DateTimeImmutable @1699630135 {#4151
    date: 2023-11-10 16:28:55.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4155
  +user: App\Entity\User {#4168 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: null
  +root: null
  +body: """
    Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
    \n
    If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
    \n
    Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.Btw: I wasn’t thinking clearly here. Out going connections won’t be using port 22, but the listening incoming port is always 22.
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 8
  +score: 0
  +lastActive: DateTime @1699912409 {#4149
    date: 2023-11-13 22:53:29.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4156 …}
  +nested: Doctrine\ORM\PersistentCollection {#4158 …}
  +votes: Doctrine\ORM\PersistentCollection {#4160 …}
  +reports: Doctrine\ORM\PersistentCollection {#4162 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4164 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4166 …}
  -id: 107892
  -bodyTs: "'22':62,81,100,108 'ad':12 'alway':107 'anoth':47,76 'attempt':41 'block':8 'clear':90 'config':19 'connect':34,67,74,94 'connections.btw':85 'even':24 'express':20 'fail2ban':50 'filter':13,22 'free':79 'go':93 'heavili':37 'hit':38,54 'host':57,71 'incom':104 'like':49 'listen':59,103 'login':10,23,40 'made':69 'match':18 'move':72 'network':32 'new':84 'normal':44 'open':31 'port':61,77,99,105 're':28 'repeat':53 'right':5 'root':9 'servic':48 'soon':64 'ssh':58 'stop':52 'think':89 'use':16,46,98 'wasn':87 'way':6 'won':95 'yes':1"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ca/comment/4739106"
  +editedAt: DateTimeImmutable @1699759751 {#4150
    date: 2023-11-12 04:29:11.0 +01:00
  }
  +createdAt: DateTimeImmutable @1699630135 {#4151
    date: 2023-11-10 16:28:55.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
null
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4414
  +user: Proxies\__CG__\App\Entity\User {#1970 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4155
    +user: App\Entity\User {#4168 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: null
    +root: null
    +body: """
      Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
      \n
      If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
      \n
      Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.Btw: I wasn’t thinking clearly here. Out going connections won’t be using port 22, but the listening incoming port is always 22.
      """
    +lang: "en"
    +isAdult: false
    +favouriteCount: 8
    +score: 0
    +lastActive: DateTime @1699912409 {#4149
      date: 2023-11-13 22:53:29.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4156 …}
    +nested: Doctrine\ORM\PersistentCollection {#4158 …}
    +votes: Doctrine\ORM\PersistentCollection {#4160 …}
    +reports: Doctrine\ORM\PersistentCollection {#4162 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4164 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4166 …}
    -id: 107892
    -bodyTs: "'22':62,81,100,108 'ad':12 'alway':107 'anoth':47,76 'attempt':41 'block':8 'clear':90 'config':19 'connect':34,67,74,94 'connections.btw':85 'even':24 'express':20 'fail2ban':50 'filter':13,22 'free':79 'go':93 'heavili':37 'hit':38,54 'host':57,71 'incom':104 'like':49 'listen':59,103 'login':10,23,40 'made':69 'match':18 'move':72 'network':32 'new':84 'normal':44 'open':31 'port':61,77,99,105 're':28 'repeat':53 'right':5 'root':9 'servic':48 'soon':64 'ssh':58 'stop':52 'think':89 'use':16,46,98 'wasn':87 'way':6 'won':95 'yes':1"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://lemmy.ca/comment/4739106"
    +editedAt: DateTimeImmutable @1699759751 {#4150
      date: 2023-11-12 04:29:11.0 +01:00
    }
    +createdAt: DateTimeImmutable @1699630135 {#4151
      date: 2023-11-10 16:28:55.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4155}
  +body: """
    > Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
    \n
    Not sure what you meant about the ‘match’ config expressions here. Could you elaborate a bit further?\n
    \n
    > If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
    \n
    Hehe, yeah, I’ve noticed… The reason I get a little anxious whether I did this correctly, is that 95% of the login attempts are to root, so I want to make sure it is disabled. I have set up Fail2Ban, but I am using default settings, which may be a bit laxer than they need?\n
    \n
    I’ve also been advised and considered moving to ssh keys, but I have not gotten to that yet.\n
    \n
    > Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.\n
    \n
    Makes sense. One question that comes from this is: is it possible to disable that? I would never need two ssh-logins at the same time on my server. And the second question is what I asked above regarding whether I should change the port ssh listens to in order to reduce unwanted malicious login attempts?
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 2
  +score: 0
  +lastActive: DateTime @1699630613 {#4412
    date: 2023-11-10 16:36:53.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@willybe@lemmy.ca"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4415 …}
  +nested: Doctrine\ORM\PersistentCollection {#4417 …}
  +votes: Doctrine\ORM\PersistentCollection {#4419 …}
  +reports: Doctrine\ORM\PersistentCollection {#4421 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4423 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4425 …}
  -id: 107920
  -bodyTs: "'22':154,173 '95':94 'ad':12 'advis':135 'also':133 'anoth':64,168 'anxious':86 'ask':215 'attempt':58,98,234 'bit':41,126 'block':8 'chang':221 'come':183 'config':19,34 'connect':51,159,166,177 'consid':137 'correct':91 'could':37 'default':120 'disabl':110,191 'elabor':39 'even':24 'express':20,35 'fail2ban':67,115 'filter':13,22 'free':171 'get':83 'gotten':146 'heavili':54 'hehe':75 'hit':55,71 'host':74,163 'key':141 'laxer':127 'like':66 'listen':151,225 'littl':85 'login':10,23,57,97,200,233 'made':161 'make':106,178 'malici':232 'match':18,33 'may':123 'meant':30 'move':138,164 'need':130,196 'network':49 'never':195 'new':176 'normal':61 'notic':79 'one':180 'open':48 'order':228 'port':153,169,223 'possibl':189 'question':181,211 're':45 'reason':81 'reduc':230 'regard':217 'repeat':70 'right':5 'root':9,101 'second':210 'sens':179 'server':207 'servic':65 'set':113,121 'soon':156 'ssh':140,150,199,224 'ssh-login':198 'stop':69 'sure':27,107 'time':204 'two':197 'unwant':231 'use':16,63,119 've':78,132 'want':104 'way':6 'whether':87,218 'would':194 'yeah':76 'yes':1 'yet':149"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ml/comment/5678468"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699630613 {#4413
    date: 2023-11-10 16:36:53.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4414
  +user: Proxies\__CG__\App\Entity\User {#1970 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4155
    +user: App\Entity\User {#4168 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: null
    +root: null
    +body: """
      Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
      \n
      If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
      \n
      Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.Btw: I wasn’t thinking clearly here. Out going connections won’t be using port 22, but the listening incoming port is always 22.
      """
    +lang: "en"
    +isAdult: false
    +favouriteCount: 8
    +score: 0
    +lastActive: DateTime @1699912409 {#4149
      date: 2023-11-13 22:53:29.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4156 …}
    +nested: Doctrine\ORM\PersistentCollection {#4158 …}
    +votes: Doctrine\ORM\PersistentCollection {#4160 …}
    +reports: Doctrine\ORM\PersistentCollection {#4162 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4164 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4166 …}
    -id: 107892
    -bodyTs: "'22':62,81,100,108 'ad':12 'alway':107 'anoth':47,76 'attempt':41 'block':8 'clear':90 'config':19 'connect':34,67,74,94 'connections.btw':85 'even':24 'express':20 'fail2ban':50 'filter':13,22 'free':79 'go':93 'heavili':37 'hit':38,54 'host':57,71 'incom':104 'like':49 'listen':59,103 'login':10,23,40 'made':69 'match':18 'move':72 'network':32 'new':84 'normal':44 'open':31 'port':61,77,99,105 're':28 'repeat':53 'right':5 'root':9 'servic':48 'soon':64 'ssh':58 'stop':52 'think':89 'use':16,46,98 'wasn':87 'way':6 'won':95 'yes':1"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://lemmy.ca/comment/4739106"
    +editedAt: DateTimeImmutable @1699759751 {#4150
      date: 2023-11-12 04:29:11.0 +01:00
    }
    +createdAt: DateTimeImmutable @1699630135 {#4151
      date: 2023-11-10 16:28:55.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4155}
  +body: """
    > Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
    \n
    Not sure what you meant about the ‘match’ config expressions here. Could you elaborate a bit further?\n
    \n
    > If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
    \n
    Hehe, yeah, I’ve noticed… The reason I get a little anxious whether I did this correctly, is that 95% of the login attempts are to root, so I want to make sure it is disabled. I have set up Fail2Ban, but I am using default settings, which may be a bit laxer than they need?\n
    \n
    I’ve also been advised and considered moving to ssh keys, but I have not gotten to that yet.\n
    \n
    > Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.\n
    \n
    Makes sense. One question that comes from this is: is it possible to disable that? I would never need two ssh-logins at the same time on my server. And the second question is what I asked above regarding whether I should change the port ssh listens to in order to reduce unwanted malicious login attempts?
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 2
  +score: 0
  +lastActive: DateTime @1699630613 {#4412
    date: 2023-11-10 16:36:53.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@willybe@lemmy.ca"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4415 …}
  +nested: Doctrine\ORM\PersistentCollection {#4417 …}
  +votes: Doctrine\ORM\PersistentCollection {#4419 …}
  +reports: Doctrine\ORM\PersistentCollection {#4421 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4423 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4425 …}
  -id: 107920
  -bodyTs: "'22':154,173 '95':94 'ad':12 'advis':135 'also':133 'anoth':64,168 'anxious':86 'ask':215 'attempt':58,98,234 'bit':41,126 'block':8 'chang':221 'come':183 'config':19,34 'connect':51,159,166,177 'consid':137 'correct':91 'could':37 'default':120 'disabl':110,191 'elabor':39 'even':24 'express':20,35 'fail2ban':67,115 'filter':13,22 'free':171 'get':83 'gotten':146 'heavili':54 'hehe':75 'hit':55,71 'host':74,163 'key':141 'laxer':127 'like':66 'listen':151,225 'littl':85 'login':10,23,57,97,200,233 'made':161 'make':106,178 'malici':232 'match':18,33 'may':123 'meant':30 'move':138,164 'need':130,196 'network':49 'never':195 'new':176 'normal':61 'notic':79 'one':180 'open':48 'order':228 'port':153,169,223 'possibl':189 'question':181,211 're':45 'reason':81 'reduc':230 'regard':217 'repeat':70 'right':5 'root':9,101 'second':210 'sens':179 'server':207 'servic':65 'set':113,121 'soon':156 'ssh':140,150,199,224 'ssh-login':198 'stop':69 'sure':27,107 'time':204 'two':197 'unwant':231 'use':16,63,119 've':78,132 'want':104 'way':6 'whether':87,218 'would':194 'yeah':76 'yes':1 'yet':149"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ml/comment/5678468"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699630613 {#4413
    date: 2023-11-10 16:36:53.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4414
  +user: Proxies\__CG__\App\Entity\User {#1970 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4155
    +user: App\Entity\User {#4168 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: null
    +root: null
    +body: """
      Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
      \n
      If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
      \n
      Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.Btw: I wasn’t thinking clearly here. Out going connections won’t be using port 22, but the listening incoming port is always 22.
      """
    +lang: "en"
    +isAdult: false
    +favouriteCount: 8
    +score: 0
    +lastActive: DateTime @1699912409 {#4149
      date: 2023-11-13 22:53:29.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4156 …}
    +nested: Doctrine\ORM\PersistentCollection {#4158 …}
    +votes: Doctrine\ORM\PersistentCollection {#4160 …}
    +reports: Doctrine\ORM\PersistentCollection {#4162 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4164 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4166 …}
    -id: 107892
    -bodyTs: "'22':62,81,100,108 'ad':12 'alway':107 'anoth':47,76 'attempt':41 'block':8 'clear':90 'config':19 'connect':34,67,74,94 'connections.btw':85 'even':24 'express':20 'fail2ban':50 'filter':13,22 'free':79 'go':93 'heavili':37 'hit':38,54 'host':57,71 'incom':104 'like':49 'listen':59,103 'login':10,23,40 'made':69 'match':18 'move':72 'network':32 'new':84 'normal':44 'open':31 'port':61,77,99,105 're':28 'repeat':53 'right':5 'root':9 'servic':48 'soon':64 'ssh':58 'stop':52 'think':89 'use':16,46,98 'wasn':87 'way':6 'won':95 'yes':1"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://lemmy.ca/comment/4739106"
    +editedAt: DateTimeImmutable @1699759751 {#4150
      date: 2023-11-12 04:29:11.0 +01:00
    }
    +createdAt: DateTimeImmutable @1699630135 {#4151
      date: 2023-11-10 16:28:55.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4155}
  +body: """
    > Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
    \n
    Not sure what you meant about the ‘match’ config expressions here. Could you elaborate a bit further?\n
    \n
    > If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
    \n
    Hehe, yeah, I’ve noticed… The reason I get a little anxious whether I did this correctly, is that 95% of the login attempts are to root, so I want to make sure it is disabled. I have set up Fail2Ban, but I am using default settings, which may be a bit laxer than they need?\n
    \n
    I’ve also been advised and considered moving to ssh keys, but I have not gotten to that yet.\n
    \n
    > Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.\n
    \n
    Makes sense. One question that comes from this is: is it possible to disable that? I would never need two ssh-logins at the same time on my server. And the second question is what I asked above regarding whether I should change the port ssh listens to in order to reduce unwanted malicious login attempts?
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 2
  +score: 0
  +lastActive: DateTime @1699630613 {#4412
    date: 2023-11-10 16:36:53.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@willybe@lemmy.ca"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4415 …}
  +nested: Doctrine\ORM\PersistentCollection {#4417 …}
  +votes: Doctrine\ORM\PersistentCollection {#4419 …}
  +reports: Doctrine\ORM\PersistentCollection {#4421 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4423 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4425 …}
  -id: 107920
  -bodyTs: "'22':154,173 '95':94 'ad':12 'advis':135 'also':133 'anoth':64,168 'anxious':86 'ask':215 'attempt':58,98,234 'bit':41,126 'block':8 'chang':221 'come':183 'config':19,34 'connect':51,159,166,177 'consid':137 'correct':91 'could':37 'default':120 'disabl':110,191 'elabor':39 'even':24 'express':20,35 'fail2ban':67,115 'filter':13,22 'free':171 'get':83 'gotten':146 'heavili':54 'hehe':75 'hit':55,71 'host':74,163 'key':141 'laxer':127 'like':66 'listen':151,225 'littl':85 'login':10,23,57,97,200,233 'made':161 'make':106,178 'malici':232 'match':18,33 'may':123 'meant':30 'move':138,164 'need':130,196 'network':49 'never':195 'new':176 'normal':61 'notic':79 'one':180 'open':48 'order':228 'port':153,169,223 'possibl':189 'question':181,211 're':45 'reason':81 'reduc':230 'regard':217 'repeat':70 'right':5 'root':9,101 'second':210 'sens':179 'server':207 'servic':65 'set':113,121 'soon':156 'ssh':140,150,199,224 'ssh-login':198 'stop':69 'sure':27,107 'time':204 'two':197 'unwant':231 'use':16,63,119 've':78,132 'want':104 'way':6 'whether':87,218 'would':194 'yeah':76 'yes':1 'yet':149"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ml/comment/5678468"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699630613 {#4413
    date: 2023-11-10 16:36:53.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
null
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4499
  +user: Proxies\__CG__\App\Entity\User {#4500 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4414
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: App\Entity\EntryComment {#4155
      +user: App\Entity\User {#4168 …}
      +entry: App\Entity\Entry {#2419}
      +magazine: App\Entity\Magazine {#265}
      +image: null
      +parent: null
      +root: null
      +body: """
        Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
        \n
        If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
        \n
        Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.Btw: I wasn’t thinking clearly here. Out going connections won’t be using port 22, but the listening incoming port is always 22.
        """
      +lang: "en"
      +isAdult: false
      +favouriteCount: 8
      +score: 0
      +lastActive: DateTime @1699912409 {#4149
        date: 2023-11-13 22:53:29.0 +01:00
      }
      +ip: null
      +tags: null
      +mentions: [
        "@cyberwolfie@lemmy.ml"
      ]
      +children: Doctrine\ORM\PersistentCollection {#4156 …}
      +nested: Doctrine\ORM\PersistentCollection {#4158 …}
      +votes: Doctrine\ORM\PersistentCollection {#4160 …}
      +reports: Doctrine\ORM\PersistentCollection {#4162 …}
      +favourites: Doctrine\ORM\PersistentCollection {#4164 …}
      +notifications: Doctrine\ORM\PersistentCollection {#4166 …}
      -id: 107892
      -bodyTs: "'22':62,81,100,108 'ad':12 'alway':107 'anoth':47,76 'attempt':41 'block':8 'clear':90 'config':19 'connect':34,67,74,94 'connections.btw':85 'even':24 'express':20 'fail2ban':50 'filter':13,22 'free':79 'go':93 'heavili':37 'hit':38,54 'host':57,71 'incom':104 'like':49 'listen':59,103 'login':10,23,40 'made':69 'match':18 'move':72 'network':32 'new':84 'normal':44 'open':31 'port':61,77,99,105 're':28 'repeat':53 'right':5 'root':9 'servic':48 'soon':64 'ssh':58 'stop':52 'think':89 'use':16,46,98 'wasn':87 'way':6 'won':95 'yes':1"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://lemmy.ca/comment/4739106"
      +editedAt: DateTimeImmutable @1699759751 {#4150
        date: 2023-11-12 04:29:11.0 +01:00
      }
      +createdAt: DateTimeImmutable @1699630135 {#4151
        date: 2023-11-10 16:28:55.0 +01:00
      }
    }
    +root: App\Entity\EntryComment {#4155}
    +body: """
      > Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
      \n
      Not sure what you meant about the ‘match’ config expressions here. Could you elaborate a bit further?\n
      \n
      > If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
      \n
      Hehe, yeah, I’ve noticed… The reason I get a little anxious whether I did this correctly, is that 95% of the login attempts are to root, so I want to make sure it is disabled. I have set up Fail2Ban, but I am using default settings, which may be a bit laxer than they need?\n
      \n
      I’ve also been advised and considered moving to ssh keys, but I have not gotten to that yet.\n
      \n
      > Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.\n
      \n
      Makes sense. One question that comes from this is: is it possible to disable that? I would never need two ssh-logins at the same time on my server. And the second question is what I asked above regarding whether I should change the port ssh listens to in order to reduce unwanted malicious login attempts?
      """
    +lang: "en"
    +isAdult: false
    +favouriteCount: 2
    +score: 0
    +lastActive: DateTime @1699630613 {#4412
      date: 2023-11-10 16:36:53.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
      "@willybe@lemmy.ca"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4415 …}
    +nested: Doctrine\ORM\PersistentCollection {#4417 …}
    +votes: Doctrine\ORM\PersistentCollection {#4419 …}
    +reports: Doctrine\ORM\PersistentCollection {#4421 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4423 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4425 …}
    -id: 107920
    -bodyTs: "'22':154,173 '95':94 'ad':12 'advis':135 'also':133 'anoth':64,168 'anxious':86 'ask':215 'attempt':58,98,234 'bit':41,126 'block':8 'chang':221 'come':183 'config':19,34 'connect':51,159,166,177 'consid':137 'correct':91 'could':37 'default':120 'disabl':110,191 'elabor':39 'even':24 'express':20,35 'fail2ban':67,115 'filter':13,22 'free':171 'get':83 'gotten':146 'heavili':54 'hehe':75 'hit':55,71 'host':74,163 'key':141 'laxer':127 'like':66 'listen':151,225 'littl':85 'login':10,23,57,97,200,233 'made':161 'make':106,178 'malici':232 'match':18,33 'may':123 'meant':30 'move':138,164 'need':130,196 'network':49 'never':195 'new':176 'normal':61 'notic':79 'one':180 'open':48 'order':228 'port':153,169,223 'possibl':189 'question':181,211 're':45 'reason':81 'reduc':230 'regard':217 'repeat':70 'right':5 'root':9,101 'second':210 'sens':179 'server':207 'servic':65 'set':113,121 'soon':156 'ssh':140,150,199,224 'ssh-login':198 'stop':69 'sure':27,107 'time':204 'two':197 'unwant':231 'use':16,63,119 've':78,132 'want':104 'way':6 'whether':87,218 'would':194 'yeah':76 'yes':1 'yet':149"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://lemmy.ml/comment/5678468"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699630613 {#4413
      date: 2023-11-10 16:36:53.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4155}
  +body: """
    > Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.\n
    > \n
    > Makes sense\n
    \n
    No, it’s nonsense. Nothing like that happens.
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 6
  +score: 0
  +lastActive: DateTime @1699631834 {#4497
    date: 2023-11-10 16:57:14.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@willybe@lemmy.ca"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4501 …}
  +nested: Doctrine\ORM\PersistentCollection {#4503 …}
  +votes: Doctrine\ORM\PersistentCollection {#4505 …}
  +reports: Doctrine\ORM\PersistentCollection {#4507 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4509 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4511 …}
  -id: 108006
  -bodyTs: "'22':5,24 'anoth':19 'connect':10,17,28 'free':22 'happen':38 'host':14 'like':36 'listen':2 'made':12 'make':29 'move':15 'new':27 'nonsens':34 'noth':35 'port':4,20 'sens':30 'soon':7 'ssh':1"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ml/comment/5679063"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699631834 {#4498
    date: 2023-11-10 16:57:14.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4499
  +user: Proxies\__CG__\App\Entity\User {#4500 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4414
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: App\Entity\EntryComment {#4155
      +user: App\Entity\User {#4168 …}
      +entry: App\Entity\Entry {#2419}
      +magazine: App\Entity\Magazine {#265}
      +image: null
      +parent: null
      +root: null
      +body: """
        Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
        \n
        If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
        \n
        Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.Btw: I wasn’t thinking clearly here. Out going connections won’t be using port 22, but the listening incoming port is always 22.
        """
      +lang: "en"
      +isAdult: false
      +favouriteCount: 8
      +score: 0
      +lastActive: DateTime @1699912409 {#4149
        date: 2023-11-13 22:53:29.0 +01:00
      }
      +ip: null
      +tags: null
      +mentions: [
        "@cyberwolfie@lemmy.ml"
      ]
      +children: Doctrine\ORM\PersistentCollection {#4156 …}
      +nested: Doctrine\ORM\PersistentCollection {#4158 …}
      +votes: Doctrine\ORM\PersistentCollection {#4160 …}
      +reports: Doctrine\ORM\PersistentCollection {#4162 …}
      +favourites: Doctrine\ORM\PersistentCollection {#4164 …}
      +notifications: Doctrine\ORM\PersistentCollection {#4166 …}
      -id: 107892
      -bodyTs: "'22':62,81,100,108 'ad':12 'alway':107 'anoth':47,76 'attempt':41 'block':8 'clear':90 'config':19 'connect':34,67,74,94 'connections.btw':85 'even':24 'express':20 'fail2ban':50 'filter':13,22 'free':79 'go':93 'heavili':37 'hit':38,54 'host':57,71 'incom':104 'like':49 'listen':59,103 'login':10,23,40 'made':69 'match':18 'move':72 'network':32 'new':84 'normal':44 'open':31 'port':61,77,99,105 're':28 'repeat':53 'right':5 'root':9 'servic':48 'soon':64 'ssh':58 'stop':52 'think':89 'use':16,46,98 'wasn':87 'way':6 'won':95 'yes':1"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://lemmy.ca/comment/4739106"
      +editedAt: DateTimeImmutable @1699759751 {#4150
        date: 2023-11-12 04:29:11.0 +01:00
      }
      +createdAt: DateTimeImmutable @1699630135 {#4151
        date: 2023-11-10 16:28:55.0 +01:00
      }
    }
    +root: App\Entity\EntryComment {#4155}
    +body: """
      > Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
      \n
      Not sure what you meant about the ‘match’ config expressions here. Could you elaborate a bit further?\n
      \n
      > If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
      \n
      Hehe, yeah, I’ve noticed… The reason I get a little anxious whether I did this correctly, is that 95% of the login attempts are to root, so I want to make sure it is disabled. I have set up Fail2Ban, but I am using default settings, which may be a bit laxer than they need?\n
      \n
      I’ve also been advised and considered moving to ssh keys, but I have not gotten to that yet.\n
      \n
      > Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.\n
      \n
      Makes sense. One question that comes from this is: is it possible to disable that? I would never need two ssh-logins at the same time on my server. And the second question is what I asked above regarding whether I should change the port ssh listens to in order to reduce unwanted malicious login attempts?
      """
    +lang: "en"
    +isAdult: false
    +favouriteCount: 2
    +score: 0
    +lastActive: DateTime @1699630613 {#4412
      date: 2023-11-10 16:36:53.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
      "@willybe@lemmy.ca"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4415 …}
    +nested: Doctrine\ORM\PersistentCollection {#4417 …}
    +votes: Doctrine\ORM\PersistentCollection {#4419 …}
    +reports: Doctrine\ORM\PersistentCollection {#4421 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4423 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4425 …}
    -id: 107920
    -bodyTs: "'22':154,173 '95':94 'ad':12 'advis':135 'also':133 'anoth':64,168 'anxious':86 'ask':215 'attempt':58,98,234 'bit':41,126 'block':8 'chang':221 'come':183 'config':19,34 'connect':51,159,166,177 'consid':137 'correct':91 'could':37 'default':120 'disabl':110,191 'elabor':39 'even':24 'express':20,35 'fail2ban':67,115 'filter':13,22 'free':171 'get':83 'gotten':146 'heavili':54 'hehe':75 'hit':55,71 'host':74,163 'key':141 'laxer':127 'like':66 'listen':151,225 'littl':85 'login':10,23,57,97,200,233 'made':161 'make':106,178 'malici':232 'match':18,33 'may':123 'meant':30 'move':138,164 'need':130,196 'network':49 'never':195 'new':176 'normal':61 'notic':79 'one':180 'open':48 'order':228 'port':153,169,223 'possibl':189 'question':181,211 're':45 'reason':81 'reduc':230 'regard':217 'repeat':70 'right':5 'root':9,101 'second':210 'sens':179 'server':207 'servic':65 'set':113,121 'soon':156 'ssh':140,150,199,224 'ssh-login':198 'stop':69 'sure':27,107 'time':204 'two':197 'unwant':231 'use':16,63,119 've':78,132 'want':104 'way':6 'whether':87,218 'would':194 'yeah':76 'yes':1 'yet':149"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://lemmy.ml/comment/5678468"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699630613 {#4413
      date: 2023-11-10 16:36:53.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4155}
  +body: """
    > Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.\n
    > \n
    > Makes sense\n
    \n
    No, it’s nonsense. Nothing like that happens.
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 6
  +score: 0
  +lastActive: DateTime @1699631834 {#4497
    date: 2023-11-10 16:57:14.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@willybe@lemmy.ca"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4501 …}
  +nested: Doctrine\ORM\PersistentCollection {#4503 …}
  +votes: Doctrine\ORM\PersistentCollection {#4505 …}
  +reports: Doctrine\ORM\PersistentCollection {#4507 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4509 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4511 …}
  -id: 108006
  -bodyTs: "'22':5,24 'anoth':19 'connect':10,17,28 'free':22 'happen':38 'host':14 'like':36 'listen':2 'made':12 'make':29 'move':15 'new':27 'nonsens':34 'noth':35 'port':4,20 'sens':30 'soon':7 'ssh':1"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ml/comment/5679063"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699631834 {#4498
    date: 2023-11-10 16:57:14.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4499
  +user: Proxies\__CG__\App\Entity\User {#4500 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4414
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: App\Entity\EntryComment {#4155
      +user: App\Entity\User {#4168 …}
      +entry: App\Entity\Entry {#2419}
      +magazine: App\Entity\Magazine {#265}
      +image: null
      +parent: null
      +root: null
      +body: """
        Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
        \n
        If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
        \n
        Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.Btw: I wasn’t thinking clearly here. Out going connections won’t be using port 22, but the listening incoming port is always 22.
        """
      +lang: "en"
      +isAdult: false
      +favouriteCount: 8
      +score: 0
      +lastActive: DateTime @1699912409 {#4149
        date: 2023-11-13 22:53:29.0 +01:00
      }
      +ip: null
      +tags: null
      +mentions: [
        "@cyberwolfie@lemmy.ml"
      ]
      +children: Doctrine\ORM\PersistentCollection {#4156 …}
      +nested: Doctrine\ORM\PersistentCollection {#4158 …}
      +votes: Doctrine\ORM\PersistentCollection {#4160 …}
      +reports: Doctrine\ORM\PersistentCollection {#4162 …}
      +favourites: Doctrine\ORM\PersistentCollection {#4164 …}
      +notifications: Doctrine\ORM\PersistentCollection {#4166 …}
      -id: 107892
      -bodyTs: "'22':62,81,100,108 'ad':12 'alway':107 'anoth':47,76 'attempt':41 'block':8 'clear':90 'config':19 'connect':34,67,74,94 'connections.btw':85 'even':24 'express':20 'fail2ban':50 'filter':13,22 'free':79 'go':93 'heavili':37 'hit':38,54 'host':57,71 'incom':104 'like':49 'listen':59,103 'login':10,23,40 'made':69 'match':18 'move':72 'network':32 'new':84 'normal':44 'open':31 'port':61,77,99,105 're':28 'repeat':53 'right':5 'root':9 'servic':48 'soon':64 'ssh':58 'stop':52 'think':89 'use':16,46,98 'wasn':87 'way':6 'won':95 'yes':1"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://lemmy.ca/comment/4739106"
      +editedAt: DateTimeImmutable @1699759751 {#4150
        date: 2023-11-12 04:29:11.0 +01:00
      }
      +createdAt: DateTimeImmutable @1699630135 {#4151
        date: 2023-11-10 16:28:55.0 +01:00
      }
    }
    +root: App\Entity\EntryComment {#4155}
    +body: """
      > Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
      \n
      Not sure what you meant about the ‘match’ config expressions here. Could you elaborate a bit further?\n
      \n
      > If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
      \n
      Hehe, yeah, I’ve noticed… The reason I get a little anxious whether I did this correctly, is that 95% of the login attempts are to root, so I want to make sure it is disabled. I have set up Fail2Ban, but I am using default settings, which may be a bit laxer than they need?\n
      \n
      I’ve also been advised and considered moving to ssh keys, but I have not gotten to that yet.\n
      \n
      > Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.\n
      \n
      Makes sense. One question that comes from this is: is it possible to disable that? I would never need two ssh-logins at the same time on my server. And the second question is what I asked above regarding whether I should change the port ssh listens to in order to reduce unwanted malicious login attempts?
      """
    +lang: "en"
    +isAdult: false
    +favouriteCount: 2
    +score: 0
    +lastActive: DateTime @1699630613 {#4412
      date: 2023-11-10 16:36:53.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
      "@willybe@lemmy.ca"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4415 …}
    +nested: Doctrine\ORM\PersistentCollection {#4417 …}
    +votes: Doctrine\ORM\PersistentCollection {#4419 …}
    +reports: Doctrine\ORM\PersistentCollection {#4421 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4423 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4425 …}
    -id: 107920
    -bodyTs: "'22':154,173 '95':94 'ad':12 'advis':135 'also':133 'anoth':64,168 'anxious':86 'ask':215 'attempt':58,98,234 'bit':41,126 'block':8 'chang':221 'come':183 'config':19,34 'connect':51,159,166,177 'consid':137 'correct':91 'could':37 'default':120 'disabl':110,191 'elabor':39 'even':24 'express':20,35 'fail2ban':67,115 'filter':13,22 'free':171 'get':83 'gotten':146 'heavili':54 'hehe':75 'hit':55,71 'host':74,163 'key':141 'laxer':127 'like':66 'listen':151,225 'littl':85 'login':10,23,57,97,200,233 'made':161 'make':106,178 'malici':232 'match':18,33 'may':123 'meant':30 'move':138,164 'need':130,196 'network':49 'never':195 'new':176 'normal':61 'notic':79 'one':180 'open':48 'order':228 'port':153,169,223 'possibl':189 'question':181,211 're':45 'reason':81 'reduc':230 'regard':217 'repeat':70 'right':5 'root':9,101 'second':210 'sens':179 'server':207 'servic':65 'set':113,121 'soon':156 'ssh':140,150,199,224 'ssh-login':198 'stop':69 'sure':27,107 'time':204 'two':197 'unwant':231 'use':16,63,119 've':78,132 'want':104 'way':6 'whether':87,218 'would':194 'yeah':76 'yes':1 'yet':149"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://lemmy.ml/comment/5678468"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699630613 {#4413
      date: 2023-11-10 16:36:53.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4155}
  +body: """
    > Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.\n
    > \n
    > Makes sense\n
    \n
    No, it’s nonsense. Nothing like that happens.
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 6
  +score: 0
  +lastActive: DateTime @1699631834 {#4497
    date: 2023-11-10 16:57:14.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@willybe@lemmy.ca"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4501 …}
  +nested: Doctrine\ORM\PersistentCollection {#4503 …}
  +votes: Doctrine\ORM\PersistentCollection {#4505 …}
  +reports: Doctrine\ORM\PersistentCollection {#4507 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4509 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4511 …}
  -id: 108006
  -bodyTs: "'22':5,24 'anoth':19 'connect':10,17,28 'free':22 'happen':38 'host':14 'like':36 'listen':2 'made':12 'make':29 'move':15 'new':27 'nonsens':34 'noth':35 'port':4,20 'sens':30 'soon':7 'ssh':1"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ml/comment/5679063"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699631834 {#4498
    date: 2023-11-10 16:57:14.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
null
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4515
  +user: App\Entity\User {#4168 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4414
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: App\Entity\EntryComment {#4155
      +user: App\Entity\User {#4168 …}
      +entry: App\Entity\Entry {#2419}
      +magazine: App\Entity\Magazine {#265}
      +image: null
      +parent: null
      +root: null
      +body: """
        Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
        \n
        If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
        \n
        Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.Btw: I wasn’t thinking clearly here. Out going connections won’t be using port 22, but the listening incoming port is always 22.
        """
      +lang: "en"
      +isAdult: false
      +favouriteCount: 8
      +score: 0
      +lastActive: DateTime @1699912409 {#4149
        date: 2023-11-13 22:53:29.0 +01:00
      }
      +ip: null
      +tags: null
      +mentions: [
        "@cyberwolfie@lemmy.ml"
      ]
      +children: Doctrine\ORM\PersistentCollection {#4156 …}
      +nested: Doctrine\ORM\PersistentCollection {#4158 …}
      +votes: Doctrine\ORM\PersistentCollection {#4160 …}
      +reports: Doctrine\ORM\PersistentCollection {#4162 …}
      +favourites: Doctrine\ORM\PersistentCollection {#4164 …}
      +notifications: Doctrine\ORM\PersistentCollection {#4166 …}
      -id: 107892
      -bodyTs: "'22':62,81,100,108 'ad':12 'alway':107 'anoth':47,76 'attempt':41 'block':8 'clear':90 'config':19 'connect':34,67,74,94 'connections.btw':85 'even':24 'express':20 'fail2ban':50 'filter':13,22 'free':79 'go':93 'heavili':37 'hit':38,54 'host':57,71 'incom':104 'like':49 'listen':59,103 'login':10,23,40 'made':69 'match':18 'move':72 'network':32 'new':84 'normal':44 'open':31 'port':61,77,99,105 're':28 'repeat':53 'right':5 'root':9 'servic':48 'soon':64 'ssh':58 'stop':52 'think':89 'use':16,46,98 'wasn':87 'way':6 'won':95 'yes':1"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://lemmy.ca/comment/4739106"
      +editedAt: DateTimeImmutable @1699759751 {#4150
        date: 2023-11-12 04:29:11.0 +01:00
      }
      +createdAt: DateTimeImmutable @1699630135 {#4151
        date: 2023-11-10 16:28:55.0 +01:00
      }
    }
    +root: App\Entity\EntryComment {#4155}
    +body: """
      > Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
      \n
      Not sure what you meant about the ‘match’ config expressions here. Could you elaborate a bit further?\n
      \n
      > If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
      \n
      Hehe, yeah, I’ve noticed… The reason I get a little anxious whether I did this correctly, is that 95% of the login attempts are to root, so I want to make sure it is disabled. I have set up Fail2Ban, but I am using default settings, which may be a bit laxer than they need?\n
      \n
      I’ve also been advised and considered moving to ssh keys, but I have not gotten to that yet.\n
      \n
      > Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.\n
      \n
      Makes sense. One question that comes from this is: is it possible to disable that? I would never need two ssh-logins at the same time on my server. And the second question is what I asked above regarding whether I should change the port ssh listens to in order to reduce unwanted malicious login attempts?
      """
    +lang: "en"
    +isAdult: false
    +favouriteCount: 2
    +score: 0
    +lastActive: DateTime @1699630613 {#4412
      date: 2023-11-10 16:36:53.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
      "@willybe@lemmy.ca"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4415 …}
    +nested: Doctrine\ORM\PersistentCollection {#4417 …}
    +votes: Doctrine\ORM\PersistentCollection {#4419 …}
    +reports: Doctrine\ORM\PersistentCollection {#4421 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4423 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4425 …}
    -id: 107920
    -bodyTs: "'22':154,173 '95':94 'ad':12 'advis':135 'also':133 'anoth':64,168 'anxious':86 'ask':215 'attempt':58,98,234 'bit':41,126 'block':8 'chang':221 'come':183 'config':19,34 'connect':51,159,166,177 'consid':137 'correct':91 'could':37 'default':120 'disabl':110,191 'elabor':39 'even':24 'express':20,35 'fail2ban':67,115 'filter':13,22 'free':171 'get':83 'gotten':146 'heavili':54 'hehe':75 'hit':55,71 'host':74,163 'key':141 'laxer':127 'like':66 'listen':151,225 'littl':85 'login':10,23,57,97,200,233 'made':161 'make':106,178 'malici':232 'match':18,33 'may':123 'meant':30 'move':138,164 'need':130,196 'network':49 'never':195 'new':176 'normal':61 'notic':79 'one':180 'open':48 'order':228 'port':153,169,223 'possibl':189 'question':181,211 're':45 'reason':81 'reduc':230 'regard':217 'repeat':70 'right':5 'root':9,101 'second':210 'sens':179 'server':207 'servic':65 'set':113,121 'soon':156 'ssh':140,150,199,224 'ssh-login':198 'stop':69 'sure':27,107 'time':204 'two':197 'unwant':231 'use':16,63,119 've':78,132 'want':104 'way':6 'whether':87,218 'would':194 'yeah':76 'yes':1 'yet':149"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://lemmy.ml/comment/5678468"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699630613 {#4413
      date: 2023-11-10 16:36:53.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4155}
  +body: """
    Match blocks allow you to restrict who/what is allowed or not allowed to connect to the server. There is a large number of options to utilize. Put this near the bottom of sshd_config. There should be an example there.\n
    \n
    Here are some more examples: [stackoverflow.com/…/sshd-with-multiple-match-sect…](https://stackoverflow.com/questions/10829712/sshd-with-multiple-match-sections-override-settings)
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 1
  +score: 0
  +lastActive: DateTime @1699664361 {#4513
    date: 2023-11-11 01:59:21.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@willybe@lemmy.ca"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4516 …}
  +nested: Doctrine\ORM\PersistentCollection {#4518 …}
  +votes: Doctrine\ORM\PersistentCollection {#4520 …}
  +reports: Doctrine\ORM\PersistentCollection {#4522 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4524 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4526 …}
  -id: 109625
  -bodyTs: "'/questions/10829712/sshd-with-multiple-match-sections-override-settings)':50 '/sshd-with-multiple-match-sect':47 'allow':3,9,12 'block':2 'bottom':31 'config':34 'connect':14 'exampl':39,45 'larg':21 'match':1 'near':29 'number':22 'option':24 'put':27 'restrict':6 'server':17 'sshd':33 'stackoverflow.com':46,49 'stackoverflow.com/questions/10829712/sshd-with-multiple-match-sections-override-settings)':48 'util':26 'who/what':7"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ca/comment/4752907"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699664361 {#4514
    date: 2023-11-11 01:59:21.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4515
  +user: App\Entity\User {#4168 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4414
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: App\Entity\EntryComment {#4155
      +user: App\Entity\User {#4168 …}
      +entry: App\Entity\Entry {#2419}
      +magazine: App\Entity\Magazine {#265}
      +image: null
      +parent: null
      +root: null
      +body: """
        Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
        \n
        If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
        \n
        Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.Btw: I wasn’t thinking clearly here. Out going connections won’t be using port 22, but the listening incoming port is always 22.
        """
      +lang: "en"
      +isAdult: false
      +favouriteCount: 8
      +score: 0
      +lastActive: DateTime @1699912409 {#4149
        date: 2023-11-13 22:53:29.0 +01:00
      }
      +ip: null
      +tags: null
      +mentions: [
        "@cyberwolfie@lemmy.ml"
      ]
      +children: Doctrine\ORM\PersistentCollection {#4156 …}
      +nested: Doctrine\ORM\PersistentCollection {#4158 …}
      +votes: Doctrine\ORM\PersistentCollection {#4160 …}
      +reports: Doctrine\ORM\PersistentCollection {#4162 …}
      +favourites: Doctrine\ORM\PersistentCollection {#4164 …}
      +notifications: Doctrine\ORM\PersistentCollection {#4166 …}
      -id: 107892
      -bodyTs: "'22':62,81,100,108 'ad':12 'alway':107 'anoth':47,76 'attempt':41 'block':8 'clear':90 'config':19 'connect':34,67,74,94 'connections.btw':85 'even':24 'express':20 'fail2ban':50 'filter':13,22 'free':79 'go':93 'heavili':37 'hit':38,54 'host':57,71 'incom':104 'like':49 'listen':59,103 'login':10,23,40 'made':69 'match':18 'move':72 'network':32 'new':84 'normal':44 'open':31 'port':61,77,99,105 're':28 'repeat':53 'right':5 'root':9 'servic':48 'soon':64 'ssh':58 'stop':52 'think':89 'use':16,46,98 'wasn':87 'way':6 'won':95 'yes':1"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://lemmy.ca/comment/4739106"
      +editedAt: DateTimeImmutable @1699759751 {#4150
        date: 2023-11-12 04:29:11.0 +01:00
      }
      +createdAt: DateTimeImmutable @1699630135 {#4151
        date: 2023-11-10 16:28:55.0 +01:00
      }
    }
    +root: App\Entity\EntryComment {#4155}
    +body: """
      > Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
      \n
      Not sure what you meant about the ‘match’ config expressions here. Could you elaborate a bit further?\n
      \n
      > If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
      \n
      Hehe, yeah, I’ve noticed… The reason I get a little anxious whether I did this correctly, is that 95% of the login attempts are to root, so I want to make sure it is disabled. I have set up Fail2Ban, but I am using default settings, which may be a bit laxer than they need?\n
      \n
      I’ve also been advised and considered moving to ssh keys, but I have not gotten to that yet.\n
      \n
      > Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.\n
      \n
      Makes sense. One question that comes from this is: is it possible to disable that? I would never need two ssh-logins at the same time on my server. And the second question is what I asked above regarding whether I should change the port ssh listens to in order to reduce unwanted malicious login attempts?
      """
    +lang: "en"
    +isAdult: false
    +favouriteCount: 2
    +score: 0
    +lastActive: DateTime @1699630613 {#4412
      date: 2023-11-10 16:36:53.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
      "@willybe@lemmy.ca"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4415 …}
    +nested: Doctrine\ORM\PersistentCollection {#4417 …}
    +votes: Doctrine\ORM\PersistentCollection {#4419 …}
    +reports: Doctrine\ORM\PersistentCollection {#4421 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4423 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4425 …}
    -id: 107920
    -bodyTs: "'22':154,173 '95':94 'ad':12 'advis':135 'also':133 'anoth':64,168 'anxious':86 'ask':215 'attempt':58,98,234 'bit':41,126 'block':8 'chang':221 'come':183 'config':19,34 'connect':51,159,166,177 'consid':137 'correct':91 'could':37 'default':120 'disabl':110,191 'elabor':39 'even':24 'express':20,35 'fail2ban':67,115 'filter':13,22 'free':171 'get':83 'gotten':146 'heavili':54 'hehe':75 'hit':55,71 'host':74,163 'key':141 'laxer':127 'like':66 'listen':151,225 'littl':85 'login':10,23,57,97,200,233 'made':161 'make':106,178 'malici':232 'match':18,33 'may':123 'meant':30 'move':138,164 'need':130,196 'network':49 'never':195 'new':176 'normal':61 'notic':79 'one':180 'open':48 'order':228 'port':153,169,223 'possibl':189 'question':181,211 're':45 'reason':81 'reduc':230 'regard':217 'repeat':70 'right':5 'root':9,101 'second':210 'sens':179 'server':207 'servic':65 'set':113,121 'soon':156 'ssh':140,150,199,224 'ssh-login':198 'stop':69 'sure':27,107 'time':204 'two':197 'unwant':231 'use':16,63,119 've':78,132 'want':104 'way':6 'whether':87,218 'would':194 'yeah':76 'yes':1 'yet':149"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://lemmy.ml/comment/5678468"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699630613 {#4413
      date: 2023-11-10 16:36:53.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4155}
  +body: """
    Match blocks allow you to restrict who/what is allowed or not allowed to connect to the server. There is a large number of options to utilize. Put this near the bottom of sshd_config. There should be an example there.\n
    \n
    Here are some more examples: [stackoverflow.com/…/sshd-with-multiple-match-sect…](https://stackoverflow.com/questions/10829712/sshd-with-multiple-match-sections-override-settings)
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 1
  +score: 0
  +lastActive: DateTime @1699664361 {#4513
    date: 2023-11-11 01:59:21.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@willybe@lemmy.ca"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4516 …}
  +nested: Doctrine\ORM\PersistentCollection {#4518 …}
  +votes: Doctrine\ORM\PersistentCollection {#4520 …}
  +reports: Doctrine\ORM\PersistentCollection {#4522 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4524 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4526 …}
  -id: 109625
  -bodyTs: "'/questions/10829712/sshd-with-multiple-match-sections-override-settings)':50 '/sshd-with-multiple-match-sect':47 'allow':3,9,12 'block':2 'bottom':31 'config':34 'connect':14 'exampl':39,45 'larg':21 'match':1 'near':29 'number':22 'option':24 'put':27 'restrict':6 'server':17 'sshd':33 'stackoverflow.com':46,49 'stackoverflow.com/questions/10829712/sshd-with-multiple-match-sections-override-settings)':48 'util':26 'who/what':7"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ca/comment/4752907"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699664361 {#4514
    date: 2023-11-11 01:59:21.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4515
  +user: App\Entity\User {#4168 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4414
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: App\Entity\EntryComment {#4155
      +user: App\Entity\User {#4168 …}
      +entry: App\Entity\Entry {#2419}
      +magazine: App\Entity\Magazine {#265}
      +image: null
      +parent: null
      +root: null
      +body: """
        Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
        \n
        If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
        \n
        Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.Btw: I wasn’t thinking clearly here. Out going connections won’t be using port 22, but the listening incoming port is always 22.
        """
      +lang: "en"
      +isAdult: false
      +favouriteCount: 8
      +score: 0
      +lastActive: DateTime @1699912409 {#4149
        date: 2023-11-13 22:53:29.0 +01:00
      }
      +ip: null
      +tags: null
      +mentions: [
        "@cyberwolfie@lemmy.ml"
      ]
      +children: Doctrine\ORM\PersistentCollection {#4156 …}
      +nested: Doctrine\ORM\PersistentCollection {#4158 …}
      +votes: Doctrine\ORM\PersistentCollection {#4160 …}
      +reports: Doctrine\ORM\PersistentCollection {#4162 …}
      +favourites: Doctrine\ORM\PersistentCollection {#4164 …}
      +notifications: Doctrine\ORM\PersistentCollection {#4166 …}
      -id: 107892
      -bodyTs: "'22':62,81,100,108 'ad':12 'alway':107 'anoth':47,76 'attempt':41 'block':8 'clear':90 'config':19 'connect':34,67,74,94 'connections.btw':85 'even':24 'express':20 'fail2ban':50 'filter':13,22 'free':79 'go':93 'heavili':37 'hit':38,54 'host':57,71 'incom':104 'like':49 'listen':59,103 'login':10,23,40 'made':69 'match':18 'move':72 'network':32 'new':84 'normal':44 'open':31 'port':61,77,99,105 're':28 'repeat':53 'right':5 'root':9 'servic':48 'soon':64 'ssh':58 'stop':52 'think':89 'use':16,46,98 'wasn':87 'way':6 'won':95 'yes':1"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://lemmy.ca/comment/4739106"
      +editedAt: DateTimeImmutable @1699759751 {#4150
        date: 2023-11-12 04:29:11.0 +01:00
      }
      +createdAt: DateTimeImmutable @1699630135 {#4151
        date: 2023-11-10 16:28:55.0 +01:00
      }
    }
    +root: App\Entity\EntryComment {#4155}
    +body: """
      > Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
      \n
      Not sure what you meant about the ‘match’ config expressions here. Could you elaborate a bit further?\n
      \n
      > If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
      \n
      Hehe, yeah, I’ve noticed… The reason I get a little anxious whether I did this correctly, is that 95% of the login attempts are to root, so I want to make sure it is disabled. I have set up Fail2Ban, but I am using default settings, which may be a bit laxer than they need?\n
      \n
      I’ve also been advised and considered moving to ssh keys, but I have not gotten to that yet.\n
      \n
      > Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.\n
      \n
      Makes sense. One question that comes from this is: is it possible to disable that? I would never need two ssh-logins at the same time on my server. And the second question is what I asked above regarding whether I should change the port ssh listens to in order to reduce unwanted malicious login attempts?
      """
    +lang: "en"
    +isAdult: false
    +favouriteCount: 2
    +score: 0
    +lastActive: DateTime @1699630613 {#4412
      date: 2023-11-10 16:36:53.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
      "@willybe@lemmy.ca"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4415 …}
    +nested: Doctrine\ORM\PersistentCollection {#4417 …}
    +votes: Doctrine\ORM\PersistentCollection {#4419 …}
    +reports: Doctrine\ORM\PersistentCollection {#4421 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4423 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4425 …}
    -id: 107920
    -bodyTs: "'22':154,173 '95':94 'ad':12 'advis':135 'also':133 'anoth':64,168 'anxious':86 'ask':215 'attempt':58,98,234 'bit':41,126 'block':8 'chang':221 'come':183 'config':19,34 'connect':51,159,166,177 'consid':137 'correct':91 'could':37 'default':120 'disabl':110,191 'elabor':39 'even':24 'express':20,35 'fail2ban':67,115 'filter':13,22 'free':171 'get':83 'gotten':146 'heavili':54 'hehe':75 'hit':55,71 'host':74,163 'key':141 'laxer':127 'like':66 'listen':151,225 'littl':85 'login':10,23,57,97,200,233 'made':161 'make':106,178 'malici':232 'match':18,33 'may':123 'meant':30 'move':138,164 'need':130,196 'network':49 'never':195 'new':176 'normal':61 'notic':79 'one':180 'open':48 'order':228 'port':153,169,223 'possibl':189 'question':181,211 're':45 'reason':81 'reduc':230 'regard':217 'repeat':70 'right':5 'root':9,101 'second':210 'sens':179 'server':207 'servic':65 'set':113,121 'soon':156 'ssh':140,150,199,224 'ssh-login':198 'stop':69 'sure':27,107 'time':204 'two':197 'unwant':231 'use':16,63,119 've':78,132 'want':104 'way':6 'whether':87,218 'would':194 'yeah':76 'yes':1 'yet':149"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://lemmy.ml/comment/5678468"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699630613 {#4413
      date: 2023-11-10 16:36:53.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4155}
  +body: """
    Match blocks allow you to restrict who/what is allowed or not allowed to connect to the server. There is a large number of options to utilize. Put this near the bottom of sshd_config. There should be an example there.\n
    \n
    Here are some more examples: [stackoverflow.com/…/sshd-with-multiple-match-sect…](https://stackoverflow.com/questions/10829712/sshd-with-multiple-match-sections-override-settings)
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 1
  +score: 0
  +lastActive: DateTime @1699664361 {#4513
    date: 2023-11-11 01:59:21.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@willybe@lemmy.ca"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4516 …}
  +nested: Doctrine\ORM\PersistentCollection {#4518 …}
  +votes: Doctrine\ORM\PersistentCollection {#4520 …}
  +reports: Doctrine\ORM\PersistentCollection {#4522 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4524 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4526 …}
  -id: 109625
  -bodyTs: "'/questions/10829712/sshd-with-multiple-match-sections-override-settings)':50 '/sshd-with-multiple-match-sect':47 'allow':3,9,12 'block':2 'bottom':31 'config':34 'connect':14 'exampl':39,45 'larg':21 'match':1 'near':29 'number':22 'option':24 'put':27 'restrict':6 'server':17 'sshd':33 'stackoverflow.com':46,49 'stackoverflow.com/questions/10829712/sshd-with-multiple-match-sections-override-settings)':48 'util':26 'who/what':7"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ca/comment/4752907"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699664361 {#4514
    date: 2023-11-11 01:59:21.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
null
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4584
  +user: Proxies\__CG__\App\Entity\User {#1970 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4515
    +user: App\Entity\User {#4168 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: App\Entity\EntryComment {#4414
      +user: Proxies\__CG__\App\Entity\User {#1970 …}
      +entry: App\Entity\Entry {#2419}
      +magazine: App\Entity\Magazine {#265}
      +image: null
      +parent: App\Entity\EntryComment {#4155
        +user: App\Entity\User {#4168 …}
        +entry: App\Entity\Entry {#2419}
        +magazine: App\Entity\Magazine {#265}
        +image: null
        +parent: null
        +root: null
        +body: """
          Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
          \n
          If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
          \n
          Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.Btw: I wasn’t thinking clearly here. Out going connections won’t be using port 22, but the listening incoming port is always 22.
          """
        +lang: "en"
        +isAdult: false
        +favouriteCount: 8
        +score: 0
        +lastActive: DateTime @1699912409 {#4149
          date: 2023-11-13 22:53:29.0 +01:00
        }
        +ip: null
        +tags: null
        +mentions: [
          "@cyberwolfie@lemmy.ml"
        ]
        +children: Doctrine\ORM\PersistentCollection {#4156 …}
        +nested: Doctrine\ORM\PersistentCollection {#4158 …}
        +votes: Doctrine\ORM\PersistentCollection {#4160 …}
        +reports: Doctrine\ORM\PersistentCollection {#4162 …}
        +favourites: Doctrine\ORM\PersistentCollection {#4164 …}
        +notifications: Doctrine\ORM\PersistentCollection {#4166 …}
        -id: 107892
        -bodyTs: "'22':62,81,100,108 'ad':12 'alway':107 'anoth':47,76 'attempt':41 'block':8 'clear':90 'config':19 'connect':34,67,74,94 'connections.btw':85 'even':24 'express':20 'fail2ban':50 'filter':13,22 'free':79 'go':93 'heavili':37 'hit':38,54 'host':57,71 'incom':104 'like':49 'listen':59,103 'login':10,23,40 'made':69 'match':18 'move':72 'network':32 'new':84 'normal':44 'open':31 'port':61,77,99,105 're':28 'repeat':53 'right':5 'root':9 'servic':48 'soon':64 'ssh':58 'stop':52 'think':89 'use':16,46,98 'wasn':87 'way':6 'won':95 'yes':1"
        +ranking: 0
        +commentCount: 0
        +upVotes: 0
        +downVotes: 0
        +visibility: "visible             "
        +apId: "https://lemmy.ca/comment/4739106"
        +editedAt: DateTimeImmutable @1699759751 {#4150
          date: 2023-11-12 04:29:11.0 +01:00
        }
        +createdAt: DateTimeImmutable @1699630135 {#4151
          date: 2023-11-10 16:28:55.0 +01:00
        }
      }
      +root: App\Entity\EntryComment {#4155}
      +body: """
        > Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
        \n
        Not sure what you meant about the ‘match’ config expressions here. Could you elaborate a bit further?\n
        \n
        > If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
        \n
        Hehe, yeah, I’ve noticed… The reason I get a little anxious whether I did this correctly, is that 95% of the login attempts are to root, so I want to make sure it is disabled. I have set up Fail2Ban, but I am using default settings, which may be a bit laxer than they need?\n
        \n
        I’ve also been advised and considered moving to ssh keys, but I have not gotten to that yet.\n
        \n
        > Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.\n
        \n
        Makes sense. One question that comes from this is: is it possible to disable that? I would never need two ssh-logins at the same time on my server. And the second question is what I asked above regarding whether I should change the port ssh listens to in order to reduce unwanted malicious login attempts?
        """
      +lang: "en"
      +isAdult: false
      +favouriteCount: 2
      +score: 0
      +lastActive: DateTime @1699630613 {#4412
        date: 2023-11-10 16:36:53.0 +01:00
      }
      +ip: null
      +tags: null
      +mentions: [
        "@cyberwolfie@lemmy.ml"
        "@willybe@lemmy.ca"
      ]
      +children: Doctrine\ORM\PersistentCollection {#4415 …}
      +nested: Doctrine\ORM\PersistentCollection {#4417 …}
      +votes: Doctrine\ORM\PersistentCollection {#4419 …}
      +reports: Doctrine\ORM\PersistentCollection {#4421 …}
      +favourites: Doctrine\ORM\PersistentCollection {#4423 …}
      +notifications: Doctrine\ORM\PersistentCollection {#4425 …}
      -id: 107920
      -bodyTs: "'22':154,173 '95':94 'ad':12 'advis':135 'also':133 'anoth':64,168 'anxious':86 'ask':215 'attempt':58,98,234 'bit':41,126 'block':8 'chang':221 'come':183 'config':19,34 'connect':51,159,166,177 'consid':137 'correct':91 'could':37 'default':120 'disabl':110,191 'elabor':39 'even':24 'express':20,35 'fail2ban':67,115 'filter':13,22 'free':171 'get':83 'gotten':146 'heavili':54 'hehe':75 'hit':55,71 'host':74,163 'key':141 'laxer':127 'like':66 'listen':151,225 'littl':85 'login':10,23,57,97,200,233 'made':161 'make':106,178 'malici':232 'match':18,33 'may':123 'meant':30 'move':138,164 'need':130,196 'network':49 'never':195 'new':176 'normal':61 'notic':79 'one':180 'open':48 'order':228 'port':153,169,223 'possibl':189 'question':181,211 're':45 'reason':81 'reduc':230 'regard':217 'repeat':70 'right':5 'root':9,101 'second':210 'sens':179 'server':207 'servic':65 'set':113,121 'soon':156 'ssh':140,150,199,224 'ssh-login':198 'stop':69 'sure':27,107 'time':204 'two':197 'unwant':231 'use':16,63,119 've':78,132 'want':104 'way':6 'whether':87,218 'would':194 'yeah':76 'yes':1 'yet':149"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://lemmy.ml/comment/5678468"
      +editedAt: null
      +createdAt: DateTimeImmutable @1699630613 {#4413
        date: 2023-11-10 16:36:53.0 +01:00
      }
    }
    +root: App\Entity\EntryComment {#4155}
    +body: """
      Match blocks allow you to restrict who/what is allowed or not allowed to connect to the server. There is a large number of options to utilize. Put this near the bottom of sshd_config. There should be an example there.\n
      \n
      Here are some more examples: [stackoverflow.com/…/sshd-with-multiple-match-sect…](https://stackoverflow.com/questions/10829712/sshd-with-multiple-match-sections-override-settings)
      """
    +lang: "en"
    +isAdult: false
    +favouriteCount: 1
    +score: 0
    +lastActive: DateTime @1699664361 {#4513
      date: 2023-11-11 01:59:21.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
      "@willybe@lemmy.ca"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4516 …}
    +nested: Doctrine\ORM\PersistentCollection {#4518 …}
    +votes: Doctrine\ORM\PersistentCollection {#4520 …}
    +reports: Doctrine\ORM\PersistentCollection {#4522 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4524 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4526 …}
    -id: 109625
    -bodyTs: "'/questions/10829712/sshd-with-multiple-match-sections-override-settings)':50 '/sshd-with-multiple-match-sect':47 'allow':3,9,12 'block':2 'bottom':31 'config':34 'connect':14 'exampl':39,45 'larg':21 'match':1 'near':29 'number':22 'option':24 'put':27 'restrict':6 'server':17 'sshd':33 'stackoverflow.com':46,49 'stackoverflow.com/questions/10829712/sshd-with-multiple-match-sections-override-settings)':48 'util':26 'who/what':7"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://lemmy.ca/comment/4752907"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699664361 {#4514
      date: 2023-11-11 01:59:21.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4155}
  +body: "Thanks - I’ll look more into that to see if I can make any rules that would make sense for my use case."
  +lang: "en"
  +isAdult: false
  +favouriteCount: 1
  +score: 0
  +lastActive: DateTime @1699784052 {#4582
    date: 2023-11-12 11:14:12.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@willybe@lemmy.ca"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4585 …}
  +nested: Doctrine\ORM\PersistentCollection {#4587 …}
  +votes: Doctrine\ORM\PersistentCollection {#4589 …}
  +reports: Doctrine\ORM\PersistentCollection {#4591 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4593 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4595 …}
  -id: 114931
  -bodyTs: "'case':23 'll':3 'look':4 'make':13,18 'rule':15 'see':9 'sens':19 'thank':1 'use':22 'would':17"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ml/comment/5731231"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699784052 {#4583
    date: 2023-11-12 11:14:12.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4584
  +user: Proxies\__CG__\App\Entity\User {#1970 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4515
    +user: App\Entity\User {#4168 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: App\Entity\EntryComment {#4414
      +user: Proxies\__CG__\App\Entity\User {#1970 …}
      +entry: App\Entity\Entry {#2419}
      +magazine: App\Entity\Magazine {#265}
      +image: null
      +parent: App\Entity\EntryComment {#4155
        +user: App\Entity\User {#4168 …}
        +entry: App\Entity\Entry {#2419}
        +magazine: App\Entity\Magazine {#265}
        +image: null
        +parent: null
        +root: null
        +body: """
          Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
          \n
          If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
          \n
          Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.Btw: I wasn’t thinking clearly here. Out going connections won’t be using port 22, but the listening incoming port is always 22.
          """
        +lang: "en"
        +isAdult: false
        +favouriteCount: 8
        +score: 0
        +lastActive: DateTime @1699912409 {#4149
          date: 2023-11-13 22:53:29.0 +01:00
        }
        +ip: null
        +tags: null
        +mentions: [
          "@cyberwolfie@lemmy.ml"
        ]
        +children: Doctrine\ORM\PersistentCollection {#4156 …}
        +nested: Doctrine\ORM\PersistentCollection {#4158 …}
        +votes: Doctrine\ORM\PersistentCollection {#4160 …}
        +reports: Doctrine\ORM\PersistentCollection {#4162 …}
        +favourites: Doctrine\ORM\PersistentCollection {#4164 …}
        +notifications: Doctrine\ORM\PersistentCollection {#4166 …}
        -id: 107892
        -bodyTs: "'22':62,81,100,108 'ad':12 'alway':107 'anoth':47,76 'attempt':41 'block':8 'clear':90 'config':19 'connect':34,67,74,94 'connections.btw':85 'even':24 'express':20 'fail2ban':50 'filter':13,22 'free':79 'go':93 'heavili':37 'hit':38,54 'host':57,71 'incom':104 'like':49 'listen':59,103 'login':10,23,40 'made':69 'match':18 'move':72 'network':32 'new':84 'normal':44 'open':31 'port':61,77,99,105 're':28 'repeat':53 'right':5 'root':9 'servic':48 'soon':64 'ssh':58 'stop':52 'think':89 'use':16,46,98 'wasn':87 'way':6 'won':95 'yes':1"
        +ranking: 0
        +commentCount: 0
        +upVotes: 0
        +downVotes: 0
        +visibility: "visible             "
        +apId: "https://lemmy.ca/comment/4739106"
        +editedAt: DateTimeImmutable @1699759751 {#4150
          date: 2023-11-12 04:29:11.0 +01:00
        }
        +createdAt: DateTimeImmutable @1699630135 {#4151
          date: 2023-11-10 16:28:55.0 +01:00
        }
      }
      +root: App\Entity\EntryComment {#4155}
      +body: """
        > Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
        \n
        Not sure what you meant about the ‘match’ config expressions here. Could you elaborate a bit further?\n
        \n
        > If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
        \n
        Hehe, yeah, I’ve noticed… The reason I get a little anxious whether I did this correctly, is that 95% of the login attempts are to root, so I want to make sure it is disabled. I have set up Fail2Ban, but I am using default settings, which may be a bit laxer than they need?\n
        \n
        I’ve also been advised and considered moving to ssh keys, but I have not gotten to that yet.\n
        \n
        > Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.\n
        \n
        Makes sense. One question that comes from this is: is it possible to disable that? I would never need two ssh-logins at the same time on my server. And the second question is what I asked above regarding whether I should change the port ssh listens to in order to reduce unwanted malicious login attempts?
        """
      +lang: "en"
      +isAdult: false
      +favouriteCount: 2
      +score: 0
      +lastActive: DateTime @1699630613 {#4412
        date: 2023-11-10 16:36:53.0 +01:00
      }
      +ip: null
      +tags: null
      +mentions: [
        "@cyberwolfie@lemmy.ml"
        "@willybe@lemmy.ca"
      ]
      +children: Doctrine\ORM\PersistentCollection {#4415 …}
      +nested: Doctrine\ORM\PersistentCollection {#4417 …}
      +votes: Doctrine\ORM\PersistentCollection {#4419 …}
      +reports: Doctrine\ORM\PersistentCollection {#4421 …}
      +favourites: Doctrine\ORM\PersistentCollection {#4423 …}
      +notifications: Doctrine\ORM\PersistentCollection {#4425 …}
      -id: 107920
      -bodyTs: "'22':154,173 '95':94 'ad':12 'advis':135 'also':133 'anoth':64,168 'anxious':86 'ask':215 'attempt':58,98,234 'bit':41,126 'block':8 'chang':221 'come':183 'config':19,34 'connect':51,159,166,177 'consid':137 'correct':91 'could':37 'default':120 'disabl':110,191 'elabor':39 'even':24 'express':20,35 'fail2ban':67,115 'filter':13,22 'free':171 'get':83 'gotten':146 'heavili':54 'hehe':75 'hit':55,71 'host':74,163 'key':141 'laxer':127 'like':66 'listen':151,225 'littl':85 'login':10,23,57,97,200,233 'made':161 'make':106,178 'malici':232 'match':18,33 'may':123 'meant':30 'move':138,164 'need':130,196 'network':49 'never':195 'new':176 'normal':61 'notic':79 'one':180 'open':48 'order':228 'port':153,169,223 'possibl':189 'question':181,211 're':45 'reason':81 'reduc':230 'regard':217 'repeat':70 'right':5 'root':9,101 'second':210 'sens':179 'server':207 'servic':65 'set':113,121 'soon':156 'ssh':140,150,199,224 'ssh-login':198 'stop':69 'sure':27,107 'time':204 'two':197 'unwant':231 'use':16,63,119 've':78,132 'want':104 'way':6 'whether':87,218 'would':194 'yeah':76 'yes':1 'yet':149"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://lemmy.ml/comment/5678468"
      +editedAt: null
      +createdAt: DateTimeImmutable @1699630613 {#4413
        date: 2023-11-10 16:36:53.0 +01:00
      }
    }
    +root: App\Entity\EntryComment {#4155}
    +body: """
      Match blocks allow you to restrict who/what is allowed or not allowed to connect to the server. There is a large number of options to utilize. Put this near the bottom of sshd_config. There should be an example there.\n
      \n
      Here are some more examples: [stackoverflow.com/…/sshd-with-multiple-match-sect…](https://stackoverflow.com/questions/10829712/sshd-with-multiple-match-sections-override-settings)
      """
    +lang: "en"
    +isAdult: false
    +favouriteCount: 1
    +score: 0
    +lastActive: DateTime @1699664361 {#4513
      date: 2023-11-11 01:59:21.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
      "@willybe@lemmy.ca"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4516 …}
    +nested: Doctrine\ORM\PersistentCollection {#4518 …}
    +votes: Doctrine\ORM\PersistentCollection {#4520 …}
    +reports: Doctrine\ORM\PersistentCollection {#4522 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4524 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4526 …}
    -id: 109625
    -bodyTs: "'/questions/10829712/sshd-with-multiple-match-sections-override-settings)':50 '/sshd-with-multiple-match-sect':47 'allow':3,9,12 'block':2 'bottom':31 'config':34 'connect':14 'exampl':39,45 'larg':21 'match':1 'near':29 'number':22 'option':24 'put':27 'restrict':6 'server':17 'sshd':33 'stackoverflow.com':46,49 'stackoverflow.com/questions/10829712/sshd-with-multiple-match-sections-override-settings)':48 'util':26 'who/what':7"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://lemmy.ca/comment/4752907"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699664361 {#4514
      date: 2023-11-11 01:59:21.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4155}
  +body: "Thanks - I’ll look more into that to see if I can make any rules that would make sense for my use case."
  +lang: "en"
  +isAdult: false
  +favouriteCount: 1
  +score: 0
  +lastActive: DateTime @1699784052 {#4582
    date: 2023-11-12 11:14:12.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@willybe@lemmy.ca"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4585 …}
  +nested: Doctrine\ORM\PersistentCollection {#4587 …}
  +votes: Doctrine\ORM\PersistentCollection {#4589 …}
  +reports: Doctrine\ORM\PersistentCollection {#4591 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4593 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4595 …}
  -id: 114931
  -bodyTs: "'case':23 'll':3 'look':4 'make':13,18 'rule':15 'see':9 'sens':19 'thank':1 'use':22 'would':17"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ml/comment/5731231"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699784052 {#4583
    date: 2023-11-12 11:14:12.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4584
  +user: Proxies\__CG__\App\Entity\User {#1970 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4515
    +user: App\Entity\User {#4168 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: App\Entity\EntryComment {#4414
      +user: Proxies\__CG__\App\Entity\User {#1970 …}
      +entry: App\Entity\Entry {#2419}
      +magazine: App\Entity\Magazine {#265}
      +image: null
      +parent: App\Entity\EntryComment {#4155
        +user: App\Entity\User {#4168 …}
        +entry: App\Entity\Entry {#2419}
        +magazine: App\Entity\Magazine {#265}
        +image: null
        +parent: null
        +root: null
        +body: """
          Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
          \n
          If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
          \n
          Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.Btw: I wasn’t thinking clearly here. Out going connections won’t be using port 22, but the listening incoming port is always 22.
          """
        +lang: "en"
        +isAdult: false
        +favouriteCount: 8
        +score: 0
        +lastActive: DateTime @1699912409 {#4149
          date: 2023-11-13 22:53:29.0 +01:00
        }
        +ip: null
        +tags: null
        +mentions: [
          "@cyberwolfie@lemmy.ml"
        ]
        +children: Doctrine\ORM\PersistentCollection {#4156 …}
        +nested: Doctrine\ORM\PersistentCollection {#4158 …}
        +votes: Doctrine\ORM\PersistentCollection {#4160 …}
        +reports: Doctrine\ORM\PersistentCollection {#4162 …}
        +favourites: Doctrine\ORM\PersistentCollection {#4164 …}
        +notifications: Doctrine\ORM\PersistentCollection {#4166 …}
        -id: 107892
        -bodyTs: "'22':62,81,100,108 'ad':12 'alway':107 'anoth':47,76 'attempt':41 'block':8 'clear':90 'config':19 'connect':34,67,74,94 'connections.btw':85 'even':24 'express':20 'fail2ban':50 'filter':13,22 'free':79 'go':93 'heavili':37 'hit':38,54 'host':57,71 'incom':104 'like':49 'listen':59,103 'login':10,23,40 'made':69 'match':18 'move':72 'network':32 'new':84 'normal':44 'open':31 'port':61,77,99,105 're':28 'repeat':53 'right':5 'root':9 'servic':48 'soon':64 'ssh':58 'stop':52 'think':89 'use':16,46,98 'wasn':87 'way':6 'won':95 'yes':1"
        +ranking: 0
        +commentCount: 0
        +upVotes: 0
        +downVotes: 0
        +visibility: "visible             "
        +apId: "https://lemmy.ca/comment/4739106"
        +editedAt: DateTimeImmutable @1699759751 {#4150
          date: 2023-11-12 04:29:11.0 +01:00
        }
        +createdAt: DateTimeImmutable @1699630135 {#4151
          date: 2023-11-10 16:28:55.0 +01:00
        }
      }
      +root: App\Entity\EntryComment {#4155}
      +body: """
        > Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
        \n
        Not sure what you meant about the ‘match’ config expressions here. Could you elaborate a bit further?\n
        \n
        > If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
        \n
        Hehe, yeah, I’ve noticed… The reason I get a little anxious whether I did this correctly, is that 95% of the login attempts are to root, so I want to make sure it is disabled. I have set up Fail2Ban, but I am using default settings, which may be a bit laxer than they need?\n
        \n
        I’ve also been advised and considered moving to ssh keys, but I have not gotten to that yet.\n
        \n
        > Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.\n
        \n
        Makes sense. One question that comes from this is: is it possible to disable that? I would never need two ssh-logins at the same time on my server. And the second question is what I asked above regarding whether I should change the port ssh listens to in order to reduce unwanted malicious login attempts?
        """
      +lang: "en"
      +isAdult: false
      +favouriteCount: 2
      +score: 0
      +lastActive: DateTime @1699630613 {#4412
        date: 2023-11-10 16:36:53.0 +01:00
      }
      +ip: null
      +tags: null
      +mentions: [
        "@cyberwolfie@lemmy.ml"
        "@willybe@lemmy.ca"
      ]
      +children: Doctrine\ORM\PersistentCollection {#4415 …}
      +nested: Doctrine\ORM\PersistentCollection {#4417 …}
      +votes: Doctrine\ORM\PersistentCollection {#4419 …}
      +reports: Doctrine\ORM\PersistentCollection {#4421 …}
      +favourites: Doctrine\ORM\PersistentCollection {#4423 …}
      +notifications: Doctrine\ORM\PersistentCollection {#4425 …}
      -id: 107920
      -bodyTs: "'22':154,173 '95':94 'ad':12 'advis':135 'also':133 'anoth':64,168 'anxious':86 'ask':215 'attempt':58,98,234 'bit':41,126 'block':8 'chang':221 'come':183 'config':19,34 'connect':51,159,166,177 'consid':137 'correct':91 'could':37 'default':120 'disabl':110,191 'elabor':39 'even':24 'express':20,35 'fail2ban':67,115 'filter':13,22 'free':171 'get':83 'gotten':146 'heavili':54 'hehe':75 'hit':55,71 'host':74,163 'key':141 'laxer':127 'like':66 'listen':151,225 'littl':85 'login':10,23,57,97,200,233 'made':161 'make':106,178 'malici':232 'match':18,33 'may':123 'meant':30 'move':138,164 'need':130,196 'network':49 'never':195 'new':176 'normal':61 'notic':79 'one':180 'open':48 'order':228 'port':153,169,223 'possibl':189 'question':181,211 're':45 'reason':81 'reduc':230 'regard':217 'repeat':70 'right':5 'root':9,101 'second':210 'sens':179 'server':207 'servic':65 'set':113,121 'soon':156 'ssh':140,150,199,224 'ssh-login':198 'stop':69 'sure':27,107 'time':204 'two':197 'unwant':231 'use':16,63,119 've':78,132 'want':104 'way':6 'whether':87,218 'would':194 'yeah':76 'yes':1 'yet':149"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://lemmy.ml/comment/5678468"
      +editedAt: null
      +createdAt: DateTimeImmutable @1699630613 {#4413
        date: 2023-11-10 16:36:53.0 +01:00
      }
    }
    +root: App\Entity\EntryComment {#4155}
    +body: """
      Match blocks allow you to restrict who/what is allowed or not allowed to connect to the server. There is a large number of options to utilize. Put this near the bottom of sshd_config. There should be an example there.\n
      \n
      Here are some more examples: [stackoverflow.com/…/sshd-with-multiple-match-sect…](https://stackoverflow.com/questions/10829712/sshd-with-multiple-match-sections-override-settings)
      """
    +lang: "en"
    +isAdult: false
    +favouriteCount: 1
    +score: 0
    +lastActive: DateTime @1699664361 {#4513
      date: 2023-11-11 01:59:21.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
      "@willybe@lemmy.ca"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4516 …}
    +nested: Doctrine\ORM\PersistentCollection {#4518 …}
    +votes: Doctrine\ORM\PersistentCollection {#4520 …}
    +reports: Doctrine\ORM\PersistentCollection {#4522 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4524 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4526 …}
    -id: 109625
    -bodyTs: "'/questions/10829712/sshd-with-multiple-match-sections-override-settings)':50 '/sshd-with-multiple-match-sect':47 'allow':3,9,12 'block':2 'bottom':31 'config':34 'connect':14 'exampl':39,45 'larg':21 'match':1 'near':29 'number':22 'option':24 'put':27 'restrict':6 'server':17 'sshd':33 'stackoverflow.com':46,49 'stackoverflow.com/questions/10829712/sshd-with-multiple-match-sections-override-settings)':48 'util':26 'who/what':7"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://lemmy.ca/comment/4752907"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699664361 {#4514
      date: 2023-11-11 01:59:21.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4155}
  +body: "Thanks - I’ll look more into that to see if I can make any rules that would make sense for my use case."
  +lang: "en"
  +isAdult: false
  +favouriteCount: 1
  +score: 0
  +lastActive: DateTime @1699784052 {#4582
    date: 2023-11-12 11:14:12.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@willybe@lemmy.ca"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4585 …}
  +nested: Doctrine\ORM\PersistentCollection {#4587 …}
  +votes: Doctrine\ORM\PersistentCollection {#4589 …}
  +reports: Doctrine\ORM\PersistentCollection {#4591 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4593 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4595 …}
  -id: 114931
  -bodyTs: "'case':23 'll':3 'look':4 'make':13,18 'rule':15 'see':9 'sens':19 'thank':1 'use':22 'would':17"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ml/comment/5731231"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699784052 {#4583
    date: 2023-11-12 11:14:12.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
null
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4430
  +user: Proxies\__CG__\App\Entity\User {#4431 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4155
    +user: App\Entity\User {#4168 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: null
    +root: null
    +body: """
      Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
      \n
      If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
      \n
      Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.Btw: I wasn’t thinking clearly here. Out going connections won’t be using port 22, but the listening incoming port is always 22.
      """
    +lang: "en"
    +isAdult: false
    +favouriteCount: 8
    +score: 0
    +lastActive: DateTime @1699912409 {#4149
      date: 2023-11-13 22:53:29.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4156 …}
    +nested: Doctrine\ORM\PersistentCollection {#4158 …}
    +votes: Doctrine\ORM\PersistentCollection {#4160 …}
    +reports: Doctrine\ORM\PersistentCollection {#4162 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4164 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4166 …}
    -id: 107892
    -bodyTs: "'22':62,81,100,108 'ad':12 'alway':107 'anoth':47,76 'attempt':41 'block':8 'clear':90 'config':19 'connect':34,67,74,94 'connections.btw':85 'even':24 'express':20 'fail2ban':50 'filter':13,22 'free':79 'go':93 'heavili':37 'hit':38,54 'host':57,71 'incom':104 'like':49 'listen':59,103 'login':10,23,40 'made':69 'match':18 'move':72 'network':32 'new':84 'normal':44 'open':31 'port':61,77,99,105 're':28 'repeat':53 'right':5 'root':9 'servic':48 'soon':64 'ssh':58 'stop':52 'think':89 'use':16,46,98 'wasn':87 'way':6 'won':95 'yes':1"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://lemmy.ca/comment/4739106"
    +editedAt: DateTimeImmutable @1699759751 {#4150
      date: 2023-11-12 04:29:11.0 +01:00
    }
    +createdAt: DateTimeImmutable @1699630135 {#4151
      date: 2023-11-10 16:28:55.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4155}
  +body: """
    > Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.\n
    \n
    There’s no limit on the number of concurrent connections on a single port, and SSH runs completely on the one port it is configured to use. Otherwise allowing just the port 22 in firewall wouldn’t be enough to have a functional SSH connection with default settings.\n
    \n
    You can verify that quite easily for example by spinning up three barebone Debian VMs connected to a single virtual network, configuring the firewall on the “server” VM to drop everything other than port 22 and then connecting from both client VMs - it will work just fine.\n
    \n
    Maybe you’re confusing it with the fact that only one process can listen on a given port at a time? But that’s only for establishing new connections. Existing connections can be passed off to another running process or a child process just fine, and that’s how SSH handles separation between connections.\n
    \n
    Edit: oh, you’re talking about the high port OP is wondering about. That’s just the source port, which is chosen randomly by the client OS when making a connection. Using port 22 (or any other port below 1025) as a source port would require root privileges on the client and would also conflict with the SSH server that could be running there. Still, it has nothing to do with SSH “moving connections over”
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 4
  +score: 0
  +lastActive: DateTime @1699631807 {#4427
    date: 2023-11-10 16:56:47.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@willybe@lemmy.ca"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4432 …}
  +nested: Doctrine\ORM\PersistentCollection {#4434 …}
  +votes: Doctrine\ORM\PersistentCollection {#4436 …}
  +reports: Doctrine\ORM\PersistentCollection {#4438 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4440 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4442 …}
  -id: 108001
  -bodyTs: "'1025':217 '22':5,24,61,111,211 'allow':57 'also':231 'anoth':19,160 'barebon':89 'child':165 'chosen':199 'client':117,203,228 'complet':46 'concurr':37 'configur':53,98 'conflict':232 'confus':127 'connect':10,17,28,38,73,92,114,152,154,177,208,251 'could':238 'debian':90 'default':75 'drop':106 'easili':82 'edit':178 'enough':67 'establish':150 'everyth':107 'exampl':84 'exist':153 'fact':131 'fine':123,168 'firewal':63,100 'free':22 'function':71 'given':140 'handl':174 'high':185 'host':14 'limit':32 'listen':2,137 'made':12 'make':206 'mayb':124 'move':15,250 'network':97 'new':27,151 'noth':245 'number':35 'oh':179 'one':49,134 'op':187 'os':204 'otherwis':56 'pass':157 'port':4,20,42,50,60,110,141,186,196,210,215,221 'privileg':225 'process':135,162,166 'quit':81 'random':200 're':126,181 'requir':223 'root':224 'run':45,161,240 'separ':175 'server':103,236 'set':76 'singl':41,95 'soon':7 'sourc':195,220 'spin':86 'ssh':1,44,72,173,235,249 'still':242 'talk':182 'three':88 'time':144 'use':55,209 'verifi':79 'virtual':96 'vm':104 'vms':91,118 'wonder':189 'work':121 'would':222,230 'wouldn':64"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.one/comment/4586568"
  +editedAt: DateTimeImmutable @1699709401 {#4428
    date: 2023-11-11 14:30:01.0 +01:00
  }
  +createdAt: DateTimeImmutable @1699631807 {#4429
    date: 2023-11-10 16:56:47.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4430
  +user: Proxies\__CG__\App\Entity\User {#4431 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4155
    +user: App\Entity\User {#4168 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: null
    +root: null
    +body: """
      Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
      \n
      If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
      \n
      Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.Btw: I wasn’t thinking clearly here. Out going connections won’t be using port 22, but the listening incoming port is always 22.
      """
    +lang: "en"
    +isAdult: false
    +favouriteCount: 8
    +score: 0
    +lastActive: DateTime @1699912409 {#4149
      date: 2023-11-13 22:53:29.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4156 …}
    +nested: Doctrine\ORM\PersistentCollection {#4158 …}
    +votes: Doctrine\ORM\PersistentCollection {#4160 …}
    +reports: Doctrine\ORM\PersistentCollection {#4162 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4164 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4166 …}
    -id: 107892
    -bodyTs: "'22':62,81,100,108 'ad':12 'alway':107 'anoth':47,76 'attempt':41 'block':8 'clear':90 'config':19 'connect':34,67,74,94 'connections.btw':85 'even':24 'express':20 'fail2ban':50 'filter':13,22 'free':79 'go':93 'heavili':37 'hit':38,54 'host':57,71 'incom':104 'like':49 'listen':59,103 'login':10,23,40 'made':69 'match':18 'move':72 'network':32 'new':84 'normal':44 'open':31 'port':61,77,99,105 're':28 'repeat':53 'right':5 'root':9 'servic':48 'soon':64 'ssh':58 'stop':52 'think':89 'use':16,46,98 'wasn':87 'way':6 'won':95 'yes':1"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://lemmy.ca/comment/4739106"
    +editedAt: DateTimeImmutable @1699759751 {#4150
      date: 2023-11-12 04:29:11.0 +01:00
    }
    +createdAt: DateTimeImmutable @1699630135 {#4151
      date: 2023-11-10 16:28:55.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4155}
  +body: """
    > Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.\n
    \n
    There’s no limit on the number of concurrent connections on a single port, and SSH runs completely on the one port it is configured to use. Otherwise allowing just the port 22 in firewall wouldn’t be enough to have a functional SSH connection with default settings.\n
    \n
    You can verify that quite easily for example by spinning up three barebone Debian VMs connected to a single virtual network, configuring the firewall on the “server” VM to drop everything other than port 22 and then connecting from both client VMs - it will work just fine.\n
    \n
    Maybe you’re confusing it with the fact that only one process can listen on a given port at a time? But that’s only for establishing new connections. Existing connections can be passed off to another running process or a child process just fine, and that’s how SSH handles separation between connections.\n
    \n
    Edit: oh, you’re talking about the high port OP is wondering about. That’s just the source port, which is chosen randomly by the client OS when making a connection. Using port 22 (or any other port below 1025) as a source port would require root privileges on the client and would also conflict with the SSH server that could be running there. Still, it has nothing to do with SSH “moving connections over”
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 4
  +score: 0
  +lastActive: DateTime @1699631807 {#4427
    date: 2023-11-10 16:56:47.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@willybe@lemmy.ca"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4432 …}
  +nested: Doctrine\ORM\PersistentCollection {#4434 …}
  +votes: Doctrine\ORM\PersistentCollection {#4436 …}
  +reports: Doctrine\ORM\PersistentCollection {#4438 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4440 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4442 …}
  -id: 108001
  -bodyTs: "'1025':217 '22':5,24,61,111,211 'allow':57 'also':231 'anoth':19,160 'barebon':89 'child':165 'chosen':199 'client':117,203,228 'complet':46 'concurr':37 'configur':53,98 'conflict':232 'confus':127 'connect':10,17,28,38,73,92,114,152,154,177,208,251 'could':238 'debian':90 'default':75 'drop':106 'easili':82 'edit':178 'enough':67 'establish':150 'everyth':107 'exampl':84 'exist':153 'fact':131 'fine':123,168 'firewal':63,100 'free':22 'function':71 'given':140 'handl':174 'high':185 'host':14 'limit':32 'listen':2,137 'made':12 'make':206 'mayb':124 'move':15,250 'network':97 'new':27,151 'noth':245 'number':35 'oh':179 'one':49,134 'op':187 'os':204 'otherwis':56 'pass':157 'port':4,20,42,50,60,110,141,186,196,210,215,221 'privileg':225 'process':135,162,166 'quit':81 'random':200 're':126,181 'requir':223 'root':224 'run':45,161,240 'separ':175 'server':103,236 'set':76 'singl':41,95 'soon':7 'sourc':195,220 'spin':86 'ssh':1,44,72,173,235,249 'still':242 'talk':182 'three':88 'time':144 'use':55,209 'verifi':79 'virtual':96 'vm':104 'vms':91,118 'wonder':189 'work':121 'would':222,230 'wouldn':64"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.one/comment/4586568"
  +editedAt: DateTimeImmutable @1699709401 {#4428
    date: 2023-11-11 14:30:01.0 +01:00
  }
  +createdAt: DateTimeImmutable @1699631807 {#4429
    date: 2023-11-10 16:56:47.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4430
  +user: Proxies\__CG__\App\Entity\User {#4431 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4155
    +user: App\Entity\User {#4168 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: null
    +root: null
    +body: """
      Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
      \n
      If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
      \n
      Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.Btw: I wasn’t thinking clearly here. Out going connections won’t be using port 22, but the listening incoming port is always 22.
      """
    +lang: "en"
    +isAdult: false
    +favouriteCount: 8
    +score: 0
    +lastActive: DateTime @1699912409 {#4149
      date: 2023-11-13 22:53:29.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4156 …}
    +nested: Doctrine\ORM\PersistentCollection {#4158 …}
    +votes: Doctrine\ORM\PersistentCollection {#4160 …}
    +reports: Doctrine\ORM\PersistentCollection {#4162 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4164 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4166 …}
    -id: 107892
    -bodyTs: "'22':62,81,100,108 'ad':12 'alway':107 'anoth':47,76 'attempt':41 'block':8 'clear':90 'config':19 'connect':34,67,74,94 'connections.btw':85 'even':24 'express':20 'fail2ban':50 'filter':13,22 'free':79 'go':93 'heavili':37 'hit':38,54 'host':57,71 'incom':104 'like':49 'listen':59,103 'login':10,23,40 'made':69 'match':18 'move':72 'network':32 'new':84 'normal':44 'open':31 'port':61,77,99,105 're':28 'repeat':53 'right':5 'root':9 'servic':48 'soon':64 'ssh':58 'stop':52 'think':89 'use':16,46,98 'wasn':87 'way':6 'won':95 'yes':1"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://lemmy.ca/comment/4739106"
    +editedAt: DateTimeImmutable @1699759751 {#4150
      date: 2023-11-12 04:29:11.0 +01:00
    }
    +createdAt: DateTimeImmutable @1699630135 {#4151
      date: 2023-11-10 16:28:55.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4155}
  +body: """
    > Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.\n
    \n
    There’s no limit on the number of concurrent connections on a single port, and SSH runs completely on the one port it is configured to use. Otherwise allowing just the port 22 in firewall wouldn’t be enough to have a functional SSH connection with default settings.\n
    \n
    You can verify that quite easily for example by spinning up three barebone Debian VMs connected to a single virtual network, configuring the firewall on the “server” VM to drop everything other than port 22 and then connecting from both client VMs - it will work just fine.\n
    \n
    Maybe you’re confusing it with the fact that only one process can listen on a given port at a time? But that’s only for establishing new connections. Existing connections can be passed off to another running process or a child process just fine, and that’s how SSH handles separation between connections.\n
    \n
    Edit: oh, you’re talking about the high port OP is wondering about. That’s just the source port, which is chosen randomly by the client OS when making a connection. Using port 22 (or any other port below 1025) as a source port would require root privileges on the client and would also conflict with the SSH server that could be running there. Still, it has nothing to do with SSH “moving connections over”
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 4
  +score: 0
  +lastActive: DateTime @1699631807 {#4427
    date: 2023-11-10 16:56:47.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@willybe@lemmy.ca"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4432 …}
  +nested: Doctrine\ORM\PersistentCollection {#4434 …}
  +votes: Doctrine\ORM\PersistentCollection {#4436 …}
  +reports: Doctrine\ORM\PersistentCollection {#4438 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4440 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4442 …}
  -id: 108001
  -bodyTs: "'1025':217 '22':5,24,61,111,211 'allow':57 'also':231 'anoth':19,160 'barebon':89 'child':165 'chosen':199 'client':117,203,228 'complet':46 'concurr':37 'configur':53,98 'conflict':232 'confus':127 'connect':10,17,28,38,73,92,114,152,154,177,208,251 'could':238 'debian':90 'default':75 'drop':106 'easili':82 'edit':178 'enough':67 'establish':150 'everyth':107 'exampl':84 'exist':153 'fact':131 'fine':123,168 'firewal':63,100 'free':22 'function':71 'given':140 'handl':174 'high':185 'host':14 'limit':32 'listen':2,137 'made':12 'make':206 'mayb':124 'move':15,250 'network':97 'new':27,151 'noth':245 'number':35 'oh':179 'one':49,134 'op':187 'os':204 'otherwis':56 'pass':157 'port':4,20,42,50,60,110,141,186,196,210,215,221 'privileg':225 'process':135,162,166 'quit':81 'random':200 're':126,181 'requir':223 'root':224 'run':45,161,240 'separ':175 'server':103,236 'set':76 'singl':41,95 'soon':7 'sourc':195,220 'spin':86 'ssh':1,44,72,173,235,249 'still':242 'talk':182 'three':88 'time':144 'use':55,209 'verifi':79 'virtual':96 'vm':104 'vms':91,118 'wonder':189 'work':121 'would':222,230 'wouldn':64"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.one/comment/4586568"
  +editedAt: DateTimeImmutable @1699709401 {#4428
    date: 2023-11-11 14:30:01.0 +01:00
  }
  +createdAt: DateTimeImmutable @1699631807 {#4429
    date: 2023-11-10 16:56:47.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
null
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4531
  +user: Proxies\__CG__\App\Entity\User {#1970 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4430
    +user: Proxies\__CG__\App\Entity\User {#4431 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: App\Entity\EntryComment {#4155
      +user: App\Entity\User {#4168 …}
      +entry: App\Entity\Entry {#2419}
      +magazine: App\Entity\Magazine {#265}
      +image: null
      +parent: null
      +root: null
      +body: """
        Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
        \n
        If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
        \n
        Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.Btw: I wasn’t thinking clearly here. Out going connections won’t be using port 22, but the listening incoming port is always 22.
        """
      +lang: "en"
      +isAdult: false
      +favouriteCount: 8
      +score: 0
      +lastActive: DateTime @1699912409 {#4149
        date: 2023-11-13 22:53:29.0 +01:00
      }
      +ip: null
      +tags: null
      +mentions: [
        "@cyberwolfie@lemmy.ml"
      ]
      +children: Doctrine\ORM\PersistentCollection {#4156 …}
      +nested: Doctrine\ORM\PersistentCollection {#4158 …}
      +votes: Doctrine\ORM\PersistentCollection {#4160 …}
      +reports: Doctrine\ORM\PersistentCollection {#4162 …}
      +favourites: Doctrine\ORM\PersistentCollection {#4164 …}
      +notifications: Doctrine\ORM\PersistentCollection {#4166 …}
      -id: 107892
      -bodyTs: "'22':62,81,100,108 'ad':12 'alway':107 'anoth':47,76 'attempt':41 'block':8 'clear':90 'config':19 'connect':34,67,74,94 'connections.btw':85 'even':24 'express':20 'fail2ban':50 'filter':13,22 'free':79 'go':93 'heavili':37 'hit':38,54 'host':57,71 'incom':104 'like':49 'listen':59,103 'login':10,23,40 'made':69 'match':18 'move':72 'network':32 'new':84 'normal':44 'open':31 'port':61,77,99,105 're':28 'repeat':53 'right':5 'root':9 'servic':48 'soon':64 'ssh':58 'stop':52 'think':89 'use':16,46,98 'wasn':87 'way':6 'won':95 'yes':1"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://lemmy.ca/comment/4739106"
      +editedAt: DateTimeImmutable @1699759751 {#4150
        date: 2023-11-12 04:29:11.0 +01:00
      }
      +createdAt: DateTimeImmutable @1699630135 {#4151
        date: 2023-11-10 16:28:55.0 +01:00
      }
    }
    +root: App\Entity\EntryComment {#4155}
    +body: """
      > Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.\n
      \n
      There’s no limit on the number of concurrent connections on a single port, and SSH runs completely on the one port it is configured to use. Otherwise allowing just the port 22 in firewall wouldn’t be enough to have a functional SSH connection with default settings.\n
      \n
      You can verify that quite easily for example by spinning up three barebone Debian VMs connected to a single virtual network, configuring the firewall on the “server” VM to drop everything other than port 22 and then connecting from both client VMs - it will work just fine.\n
      \n
      Maybe you’re confusing it with the fact that only one process can listen on a given port at a time? But that’s only for establishing new connections. Existing connections can be passed off to another running process or a child process just fine, and that’s how SSH handles separation between connections.\n
      \n
      Edit: oh, you’re talking about the high port OP is wondering about. That’s just the source port, which is chosen randomly by the client OS when making a connection. Using port 22 (or any other port below 1025) as a source port would require root privileges on the client and would also conflict with the SSH server that could be running there. Still, it has nothing to do with SSH “moving connections over”
      """
    +lang: "en"
    +isAdult: false
    +favouriteCount: 4
    +score: 0
    +lastActive: DateTime @1699631807 {#4427
      date: 2023-11-10 16:56:47.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
      "@willybe@lemmy.ca"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4432 …}
    +nested: Doctrine\ORM\PersistentCollection {#4434 …}
    +votes: Doctrine\ORM\PersistentCollection {#4436 …}
    +reports: Doctrine\ORM\PersistentCollection {#4438 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4440 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4442 …}
    -id: 108001
    -bodyTs: "'1025':217 '22':5,24,61,111,211 'allow':57 'also':231 'anoth':19,160 'barebon':89 'child':165 'chosen':199 'client':117,203,228 'complet':46 'concurr':37 'configur':53,98 'conflict':232 'confus':127 'connect':10,17,28,38,73,92,114,152,154,177,208,251 'could':238 'debian':90 'default':75 'drop':106 'easili':82 'edit':178 'enough':67 'establish':150 'everyth':107 'exampl':84 'exist':153 'fact':131 'fine':123,168 'firewal':63,100 'free':22 'function':71 'given':140 'handl':174 'high':185 'host':14 'limit':32 'listen':2,137 'made':12 'make':206 'mayb':124 'move':15,250 'network':97 'new':27,151 'noth':245 'number':35 'oh':179 'one':49,134 'op':187 'os':204 'otherwis':56 'pass':157 'port':4,20,42,50,60,110,141,186,196,210,215,221 'privileg':225 'process':135,162,166 'quit':81 'random':200 're':126,181 'requir':223 'root':224 'run':45,161,240 'separ':175 'server':103,236 'set':76 'singl':41,95 'soon':7 'sourc':195,220 'spin':86 'ssh':1,44,72,173,235,249 'still':242 'talk':182 'three':88 'time':144 'use':55,209 'verifi':79 'virtual':96 'vm':104 'vms':91,118 'wonder':189 'work':121 'would':222,230 'wouldn':64"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://lemmy.one/comment/4586568"
    +editedAt: DateTimeImmutable @1699709401 {#4428
      date: 2023-11-11 14:30:01.0 +01:00
    }
    +createdAt: DateTimeImmutable @1699631807 {#4429
      date: 2023-11-10 16:56:47.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4155}
  +body: """
    > Edit: oh, you’re talking about the high port OP is wondering about. That’s just the source port, which is chosen randomly by the client OS when making a connection. Using port 22 (or any other port below 1025) as a source port would require root privileges on the client and would also conflict with the SSH server that could be running there. Still, it has nothing to do with SSH “moving connections over”\n
    \n
    Ah, I see, so the port numbers shown in `auth.log` are all client side ports. I guess I thought that the listening port would be in the log and assumed that the port listed there would be it, but when I read the lines again, it clearly says “from ip.ad.dr.ess port 12345”
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 1
  +score: 0
  +lastActive: DateTime @1699632737 {#4528
    date: 2023-11-10 17:12:17.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@willybe@lemmy.ca"
    "@Markaos@lemmy.one"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4532 …}
  +nested: Doctrine\ORM\PersistentCollection {#4534 …}
  +votes: Doctrine\ORM\PersistentCollection {#4536 …}
  +reports: Doctrine\ORM\PersistentCollection {#4538 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4540 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4542 …}
  -id: 108067
  -bodyTs: "'1025':40 '12345':127 '22':34 'ah':76 'also':54 'assum':105 'auth.log':85 'chosen':22 'clear':122 'client':26,51,88 'conflict':55 'connect':31,74 'could':61 'edit':1 'guess':92 'high':8 'ip.ad.dr.ess':125 'line':119 'list':109 'listen':97 'log':103 'make':29 'move':73 'noth':68 'number':82 'oh':2 'op':10 'os':27 'port':9,19,33,38,44,81,90,98,108,126 'privileg':48 'random':23 're':4 'read':117 'requir':46 'root':47 'run':63 'say':123 'see':78 'server':59 'shown':83 'side':89 'sourc':18,43 'ssh':58,72 'still':65 'talk':5 'thought':94 'use':32 'wonder':12 'would':45,53,99,111"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ml/comment/5679435"
  +editedAt: DateTimeImmutable @1699710560 {#4529
    date: 2023-11-11 14:49:20.0 +01:00
  }
  +createdAt: DateTimeImmutable @1699632737 {#4530
    date: 2023-11-10 17:12:17.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4531
  +user: Proxies\__CG__\App\Entity\User {#1970 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4430
    +user: Proxies\__CG__\App\Entity\User {#4431 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: App\Entity\EntryComment {#4155
      +user: App\Entity\User {#4168 …}
      +entry: App\Entity\Entry {#2419}
      +magazine: App\Entity\Magazine {#265}
      +image: null
      +parent: null
      +root: null
      +body: """
        Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
        \n
        If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
        \n
        Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.Btw: I wasn’t thinking clearly here. Out going connections won’t be using port 22, but the listening incoming port is always 22.
        """
      +lang: "en"
      +isAdult: false
      +favouriteCount: 8
      +score: 0
      +lastActive: DateTime @1699912409 {#4149
        date: 2023-11-13 22:53:29.0 +01:00
      }
      +ip: null
      +tags: null
      +mentions: [
        "@cyberwolfie@lemmy.ml"
      ]
      +children: Doctrine\ORM\PersistentCollection {#4156 …}
      +nested: Doctrine\ORM\PersistentCollection {#4158 …}
      +votes: Doctrine\ORM\PersistentCollection {#4160 …}
      +reports: Doctrine\ORM\PersistentCollection {#4162 …}
      +favourites: Doctrine\ORM\PersistentCollection {#4164 …}
      +notifications: Doctrine\ORM\PersistentCollection {#4166 …}
      -id: 107892
      -bodyTs: "'22':62,81,100,108 'ad':12 'alway':107 'anoth':47,76 'attempt':41 'block':8 'clear':90 'config':19 'connect':34,67,74,94 'connections.btw':85 'even':24 'express':20 'fail2ban':50 'filter':13,22 'free':79 'go':93 'heavili':37 'hit':38,54 'host':57,71 'incom':104 'like':49 'listen':59,103 'login':10,23,40 'made':69 'match':18 'move':72 'network':32 'new':84 'normal':44 'open':31 'port':61,77,99,105 're':28 'repeat':53 'right':5 'root':9 'servic':48 'soon':64 'ssh':58 'stop':52 'think':89 'use':16,46,98 'wasn':87 'way':6 'won':95 'yes':1"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://lemmy.ca/comment/4739106"
      +editedAt: DateTimeImmutable @1699759751 {#4150
        date: 2023-11-12 04:29:11.0 +01:00
      }
      +createdAt: DateTimeImmutable @1699630135 {#4151
        date: 2023-11-10 16:28:55.0 +01:00
      }
    }
    +root: App\Entity\EntryComment {#4155}
    +body: """
      > Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.\n
      \n
      There’s no limit on the number of concurrent connections on a single port, and SSH runs completely on the one port it is configured to use. Otherwise allowing just the port 22 in firewall wouldn’t be enough to have a functional SSH connection with default settings.\n
      \n
      You can verify that quite easily for example by spinning up three barebone Debian VMs connected to a single virtual network, configuring the firewall on the “server” VM to drop everything other than port 22 and then connecting from both client VMs - it will work just fine.\n
      \n
      Maybe you’re confusing it with the fact that only one process can listen on a given port at a time? But that’s only for establishing new connections. Existing connections can be passed off to another running process or a child process just fine, and that’s how SSH handles separation between connections.\n
      \n
      Edit: oh, you’re talking about the high port OP is wondering about. That’s just the source port, which is chosen randomly by the client OS when making a connection. Using port 22 (or any other port below 1025) as a source port would require root privileges on the client and would also conflict with the SSH server that could be running there. Still, it has nothing to do with SSH “moving connections over”
      """
    +lang: "en"
    +isAdult: false
    +favouriteCount: 4
    +score: 0
    +lastActive: DateTime @1699631807 {#4427
      date: 2023-11-10 16:56:47.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
      "@willybe@lemmy.ca"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4432 …}
    +nested: Doctrine\ORM\PersistentCollection {#4434 …}
    +votes: Doctrine\ORM\PersistentCollection {#4436 …}
    +reports: Doctrine\ORM\PersistentCollection {#4438 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4440 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4442 …}
    -id: 108001
    -bodyTs: "'1025':217 '22':5,24,61,111,211 'allow':57 'also':231 'anoth':19,160 'barebon':89 'child':165 'chosen':199 'client':117,203,228 'complet':46 'concurr':37 'configur':53,98 'conflict':232 'confus':127 'connect':10,17,28,38,73,92,114,152,154,177,208,251 'could':238 'debian':90 'default':75 'drop':106 'easili':82 'edit':178 'enough':67 'establish':150 'everyth':107 'exampl':84 'exist':153 'fact':131 'fine':123,168 'firewal':63,100 'free':22 'function':71 'given':140 'handl':174 'high':185 'host':14 'limit':32 'listen':2,137 'made':12 'make':206 'mayb':124 'move':15,250 'network':97 'new':27,151 'noth':245 'number':35 'oh':179 'one':49,134 'op':187 'os':204 'otherwis':56 'pass':157 'port':4,20,42,50,60,110,141,186,196,210,215,221 'privileg':225 'process':135,162,166 'quit':81 'random':200 're':126,181 'requir':223 'root':224 'run':45,161,240 'separ':175 'server':103,236 'set':76 'singl':41,95 'soon':7 'sourc':195,220 'spin':86 'ssh':1,44,72,173,235,249 'still':242 'talk':182 'three':88 'time':144 'use':55,209 'verifi':79 'virtual':96 'vm':104 'vms':91,118 'wonder':189 'work':121 'would':222,230 'wouldn':64"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://lemmy.one/comment/4586568"
    +editedAt: DateTimeImmutable @1699709401 {#4428
      date: 2023-11-11 14:30:01.0 +01:00
    }
    +createdAt: DateTimeImmutable @1699631807 {#4429
      date: 2023-11-10 16:56:47.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4155}
  +body: """
    > Edit: oh, you’re talking about the high port OP is wondering about. That’s just the source port, which is chosen randomly by the client OS when making a connection. Using port 22 (or any other port below 1025) as a source port would require root privileges on the client and would also conflict with the SSH server that could be running there. Still, it has nothing to do with SSH “moving connections over”\n
    \n
    Ah, I see, so the port numbers shown in `auth.log` are all client side ports. I guess I thought that the listening port would be in the log and assumed that the port listed there would be it, but when I read the lines again, it clearly says “from ip.ad.dr.ess port 12345”
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 1
  +score: 0
  +lastActive: DateTime @1699632737 {#4528
    date: 2023-11-10 17:12:17.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@willybe@lemmy.ca"
    "@Markaos@lemmy.one"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4532 …}
  +nested: Doctrine\ORM\PersistentCollection {#4534 …}
  +votes: Doctrine\ORM\PersistentCollection {#4536 …}
  +reports: Doctrine\ORM\PersistentCollection {#4538 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4540 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4542 …}
  -id: 108067
  -bodyTs: "'1025':40 '12345':127 '22':34 'ah':76 'also':54 'assum':105 'auth.log':85 'chosen':22 'clear':122 'client':26,51,88 'conflict':55 'connect':31,74 'could':61 'edit':1 'guess':92 'high':8 'ip.ad.dr.ess':125 'line':119 'list':109 'listen':97 'log':103 'make':29 'move':73 'noth':68 'number':82 'oh':2 'op':10 'os':27 'port':9,19,33,38,44,81,90,98,108,126 'privileg':48 'random':23 're':4 'read':117 'requir':46 'root':47 'run':63 'say':123 'see':78 'server':59 'shown':83 'side':89 'sourc':18,43 'ssh':58,72 'still':65 'talk':5 'thought':94 'use':32 'wonder':12 'would':45,53,99,111"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ml/comment/5679435"
  +editedAt: DateTimeImmutable @1699710560 {#4529
    date: 2023-11-11 14:49:20.0 +01:00
  }
  +createdAt: DateTimeImmutable @1699632737 {#4530
    date: 2023-11-10 17:12:17.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4531
  +user: Proxies\__CG__\App\Entity\User {#1970 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4430
    +user: Proxies\__CG__\App\Entity\User {#4431 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: App\Entity\EntryComment {#4155
      +user: App\Entity\User {#4168 …}
      +entry: App\Entity\Entry {#2419}
      +magazine: App\Entity\Magazine {#265}
      +image: null
      +parent: null
      +root: null
      +body: """
        Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
        \n
        If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
        \n
        Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.Btw: I wasn’t thinking clearly here. Out going connections won’t be using port 22, but the listening incoming port is always 22.
        """
      +lang: "en"
      +isAdult: false
      +favouriteCount: 8
      +score: 0
      +lastActive: DateTime @1699912409 {#4149
        date: 2023-11-13 22:53:29.0 +01:00
      }
      +ip: null
      +tags: null
      +mentions: [
        "@cyberwolfie@lemmy.ml"
      ]
      +children: Doctrine\ORM\PersistentCollection {#4156 …}
      +nested: Doctrine\ORM\PersistentCollection {#4158 …}
      +votes: Doctrine\ORM\PersistentCollection {#4160 …}
      +reports: Doctrine\ORM\PersistentCollection {#4162 …}
      +favourites: Doctrine\ORM\PersistentCollection {#4164 …}
      +notifications: Doctrine\ORM\PersistentCollection {#4166 …}
      -id: 107892
      -bodyTs: "'22':62,81,100,108 'ad':12 'alway':107 'anoth':47,76 'attempt':41 'block':8 'clear':90 'config':19 'connect':34,67,74,94 'connections.btw':85 'even':24 'express':20 'fail2ban':50 'filter':13,22 'free':79 'go':93 'heavili':37 'hit':38,54 'host':57,71 'incom':104 'like':49 'listen':59,103 'login':10,23,40 'made':69 'match':18 'move':72 'network':32 'new':84 'normal':44 'open':31 'port':61,77,99,105 're':28 'repeat':53 'right':5 'root':9 'servic':48 'soon':64 'ssh':58 'stop':52 'think':89 'use':16,46,98 'wasn':87 'way':6 'won':95 'yes':1"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://lemmy.ca/comment/4739106"
      +editedAt: DateTimeImmutable @1699759751 {#4150
        date: 2023-11-12 04:29:11.0 +01:00
      }
      +createdAt: DateTimeImmutable @1699630135 {#4151
        date: 2023-11-10 16:28:55.0 +01:00
      }
    }
    +root: App\Entity\EntryComment {#4155}
    +body: """
      > Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.\n
      \n
      There’s no limit on the number of concurrent connections on a single port, and SSH runs completely on the one port it is configured to use. Otherwise allowing just the port 22 in firewall wouldn’t be enough to have a functional SSH connection with default settings.\n
      \n
      You can verify that quite easily for example by spinning up three barebone Debian VMs connected to a single virtual network, configuring the firewall on the “server” VM to drop everything other than port 22 and then connecting from both client VMs - it will work just fine.\n
      \n
      Maybe you’re confusing it with the fact that only one process can listen on a given port at a time? But that’s only for establishing new connections. Existing connections can be passed off to another running process or a child process just fine, and that’s how SSH handles separation between connections.\n
      \n
      Edit: oh, you’re talking about the high port OP is wondering about. That’s just the source port, which is chosen randomly by the client OS when making a connection. Using port 22 (or any other port below 1025) as a source port would require root privileges on the client and would also conflict with the SSH server that could be running there. Still, it has nothing to do with SSH “moving connections over”
      """
    +lang: "en"
    +isAdult: false
    +favouriteCount: 4
    +score: 0
    +lastActive: DateTime @1699631807 {#4427
      date: 2023-11-10 16:56:47.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
      "@willybe@lemmy.ca"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4432 …}
    +nested: Doctrine\ORM\PersistentCollection {#4434 …}
    +votes: Doctrine\ORM\PersistentCollection {#4436 …}
    +reports: Doctrine\ORM\PersistentCollection {#4438 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4440 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4442 …}
    -id: 108001
    -bodyTs: "'1025':217 '22':5,24,61,111,211 'allow':57 'also':231 'anoth':19,160 'barebon':89 'child':165 'chosen':199 'client':117,203,228 'complet':46 'concurr':37 'configur':53,98 'conflict':232 'confus':127 'connect':10,17,28,38,73,92,114,152,154,177,208,251 'could':238 'debian':90 'default':75 'drop':106 'easili':82 'edit':178 'enough':67 'establish':150 'everyth':107 'exampl':84 'exist':153 'fact':131 'fine':123,168 'firewal':63,100 'free':22 'function':71 'given':140 'handl':174 'high':185 'host':14 'limit':32 'listen':2,137 'made':12 'make':206 'mayb':124 'move':15,250 'network':97 'new':27,151 'noth':245 'number':35 'oh':179 'one':49,134 'op':187 'os':204 'otherwis':56 'pass':157 'port':4,20,42,50,60,110,141,186,196,210,215,221 'privileg':225 'process':135,162,166 'quit':81 'random':200 're':126,181 'requir':223 'root':224 'run':45,161,240 'separ':175 'server':103,236 'set':76 'singl':41,95 'soon':7 'sourc':195,220 'spin':86 'ssh':1,44,72,173,235,249 'still':242 'talk':182 'three':88 'time':144 'use':55,209 'verifi':79 'virtual':96 'vm':104 'vms':91,118 'wonder':189 'work':121 'would':222,230 'wouldn':64"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://lemmy.one/comment/4586568"
    +editedAt: DateTimeImmutable @1699709401 {#4428
      date: 2023-11-11 14:30:01.0 +01:00
    }
    +createdAt: DateTimeImmutable @1699631807 {#4429
      date: 2023-11-10 16:56:47.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4155}
  +body: """
    > Edit: oh, you’re talking about the high port OP is wondering about. That’s just the source port, which is chosen randomly by the client OS when making a connection. Using port 22 (or any other port below 1025) as a source port would require root privileges on the client and would also conflict with the SSH server that could be running there. Still, it has nothing to do with SSH “moving connections over”\n
    \n
    Ah, I see, so the port numbers shown in `auth.log` are all client side ports. I guess I thought that the listening port would be in the log and assumed that the port listed there would be it, but when I read the lines again, it clearly says “from ip.ad.dr.ess port 12345”
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 1
  +score: 0
  +lastActive: DateTime @1699632737 {#4528
    date: 2023-11-10 17:12:17.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@willybe@lemmy.ca"
    "@Markaos@lemmy.one"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4532 …}
  +nested: Doctrine\ORM\PersistentCollection {#4534 …}
  +votes: Doctrine\ORM\PersistentCollection {#4536 …}
  +reports: Doctrine\ORM\PersistentCollection {#4538 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4540 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4542 …}
  -id: 108067
  -bodyTs: "'1025':40 '12345':127 '22':34 'ah':76 'also':54 'assum':105 'auth.log':85 'chosen':22 'clear':122 'client':26,51,88 'conflict':55 'connect':31,74 'could':61 'edit':1 'guess':92 'high':8 'ip.ad.dr.ess':125 'line':119 'list':109 'listen':97 'log':103 'make':29 'move':73 'noth':68 'number':82 'oh':2 'op':10 'os':27 'port':9,19,33,38,44,81,90,98,108,126 'privileg':48 'random':23 're':4 'read':117 'requir':46 'root':47 'run':63 'say':123 'see':78 'server':59 'shown':83 'side':89 'sourc':18,43 'ssh':58,72 'still':65 'talk':5 'thought':94 'use':32 'wonder':12 'would':45,53,99,111"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ml/comment/5679435"
  +editedAt: DateTimeImmutable @1699710560 {#4529
    date: 2023-11-11 14:49:20.0 +01:00
  }
  +createdAt: DateTimeImmutable @1699632737 {#4530
    date: 2023-11-10 17:12:17.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
null
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4446
  +user: Proxies\__CG__\App\Entity\User {#4447 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4155
    +user: App\Entity\User {#4168 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: null
    +root: null
    +body: """
      Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
      \n
      If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
      \n
      Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.Btw: I wasn’t thinking clearly here. Out going connections won’t be using port 22, but the listening incoming port is always 22.
      """
    +lang: "en"
    +isAdult: false
    +favouriteCount: 8
    +score: 0
    +lastActive: DateTime @1699912409 {#4149
      date: 2023-11-13 22:53:29.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4156 …}
    +nested: Doctrine\ORM\PersistentCollection {#4158 …}
    +votes: Doctrine\ORM\PersistentCollection {#4160 …}
    +reports: Doctrine\ORM\PersistentCollection {#4162 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4164 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4166 …}
    -id: 107892
    -bodyTs: "'22':62,81,100,108 'ad':12 'alway':107 'anoth':47,76 'attempt':41 'block':8 'clear':90 'config':19 'connect':34,67,74,94 'connections.btw':85 'even':24 'express':20 'fail2ban':50 'filter':13,22 'free':79 'go':93 'heavili':37 'hit':38,54 'host':57,71 'incom':104 'like':49 'listen':59,103 'login':10,23,40 'made':69 'match':18 'move':72 'network':32 'new':84 'normal':44 'open':31 'port':61,77,99,105 're':28 'repeat':53 'right':5 'root':9 'servic':48 'soon':64 'ssh':58 'stop':52 'think':89 'use':16,46,98 'wasn':87 'way':6 'won':95 'yes':1"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://lemmy.ca/comment/4739106"
    +editedAt: DateTimeImmutable @1699759751 {#4150
      date: 2023-11-12 04:29:11.0 +01:00
    }
    +createdAt: DateTimeImmutable @1699630135 {#4151
      date: 2023-11-10 16:28:55.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4155}
  +body: "These days I don’t even bother installing fail2ban or changing ssh port anymore. I’ll just disable root and password login and be done with it."
  +lang: "en"
  +isAdult: false
  +favouriteCount: 1
  +score: 0
  +lastActive: DateTime @1699638818 {#4444
    date: 2023-11-10 18:53:38.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@willybe@lemmy.ca"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4448 …}
  +nested: Doctrine\ORM\PersistentCollection {#4450 …}
  +votes: Doctrine\ORM\PersistentCollection {#4452 …}
  +reports: Doctrine\ORM\PersistentCollection {#4454 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4456 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4458 …}
  -id: 108465
  -bodyTs: "'anymor':14 'bother':7 'chang':11 'day':2 'disabl':18 'done':25 'even':6 'fail2ban':9 'instal':8 'll':16 'login':22 'password':21 'port':13 'root':19 'ssh':12"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.institute/comment/1418761"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699638818 {#4445
    date: 2023-11-10 18:53:38.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4446
  +user: Proxies\__CG__\App\Entity\User {#4447 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4155
    +user: App\Entity\User {#4168 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: null
    +root: null
    +body: """
      Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
      \n
      If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
      \n
      Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.Btw: I wasn’t thinking clearly here. Out going connections won’t be using port 22, but the listening incoming port is always 22.
      """
    +lang: "en"
    +isAdult: false
    +favouriteCount: 8
    +score: 0
    +lastActive: DateTime @1699912409 {#4149
      date: 2023-11-13 22:53:29.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4156 …}
    +nested: Doctrine\ORM\PersistentCollection {#4158 …}
    +votes: Doctrine\ORM\PersistentCollection {#4160 …}
    +reports: Doctrine\ORM\PersistentCollection {#4162 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4164 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4166 …}
    -id: 107892
    -bodyTs: "'22':62,81,100,108 'ad':12 'alway':107 'anoth':47,76 'attempt':41 'block':8 'clear':90 'config':19 'connect':34,67,74,94 'connections.btw':85 'even':24 'express':20 'fail2ban':50 'filter':13,22 'free':79 'go':93 'heavili':37 'hit':38,54 'host':57,71 'incom':104 'like':49 'listen':59,103 'login':10,23,40 'made':69 'match':18 'move':72 'network':32 'new':84 'normal':44 'open':31 'port':61,77,99,105 're':28 'repeat':53 'right':5 'root':9 'servic':48 'soon':64 'ssh':58 'stop':52 'think':89 'use':16,46,98 'wasn':87 'way':6 'won':95 'yes':1"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://lemmy.ca/comment/4739106"
    +editedAt: DateTimeImmutable @1699759751 {#4150
      date: 2023-11-12 04:29:11.0 +01:00
    }
    +createdAt: DateTimeImmutable @1699630135 {#4151
      date: 2023-11-10 16:28:55.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4155}
  +body: "These days I don’t even bother installing fail2ban or changing ssh port anymore. I’ll just disable root and password login and be done with it."
  +lang: "en"
  +isAdult: false
  +favouriteCount: 1
  +score: 0
  +lastActive: DateTime @1699638818 {#4444
    date: 2023-11-10 18:53:38.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@willybe@lemmy.ca"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4448 …}
  +nested: Doctrine\ORM\PersistentCollection {#4450 …}
  +votes: Doctrine\ORM\PersistentCollection {#4452 …}
  +reports: Doctrine\ORM\PersistentCollection {#4454 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4456 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4458 …}
  -id: 108465
  -bodyTs: "'anymor':14 'bother':7 'chang':11 'day':2 'disabl':18 'done':25 'even':6 'fail2ban':9 'instal':8 'll':16 'login':22 'password':21 'port':13 'root':19 'ssh':12"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.institute/comment/1418761"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699638818 {#4445
    date: 2023-11-10 18:53:38.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4446
  +user: Proxies\__CG__\App\Entity\User {#4447 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4155
    +user: App\Entity\User {#4168 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: null
    +root: null
    +body: """
      Yes that’s the right way to block root login. An added filter you can use the ‘match’ config expression to filter logins even further.\n
      \n
      If you’re on the open network, your connection will be heavily hit with login attempts. That is normal. But using another service like Fail2Ban will stop repeated hits to your host.\n
      \n
      Ssh listens on port 22, as soon as a connection is made the host moves the connection to another port to free up 22 for other new connections.Btw: I wasn’t thinking clearly here. Out going connections won’t be using port 22, but the listening incoming port is always 22.
      """
    +lang: "en"
    +isAdult: false
    +favouriteCount: 8
    +score: 0
    +lastActive: DateTime @1699912409 {#4149
      date: 2023-11-13 22:53:29.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4156 …}
    +nested: Doctrine\ORM\PersistentCollection {#4158 …}
    +votes: Doctrine\ORM\PersistentCollection {#4160 …}
    +reports: Doctrine\ORM\PersistentCollection {#4162 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4164 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4166 …}
    -id: 107892
    -bodyTs: "'22':62,81,100,108 'ad':12 'alway':107 'anoth':47,76 'attempt':41 'block':8 'clear':90 'config':19 'connect':34,67,74,94 'connections.btw':85 'even':24 'express':20 'fail2ban':50 'filter':13,22 'free':79 'go':93 'heavili':37 'hit':38,54 'host':57,71 'incom':104 'like':49 'listen':59,103 'login':10,23,40 'made':69 'match':18 'move':72 'network':32 'new':84 'normal':44 'open':31 'port':61,77,99,105 're':28 'repeat':53 'right':5 'root':9 'servic':48 'soon':64 'ssh':58 'stop':52 'think':89 'use':16,46,98 'wasn':87 'way':6 'won':95 'yes':1"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://lemmy.ca/comment/4739106"
    +editedAt: DateTimeImmutable @1699759751 {#4150
      date: 2023-11-12 04:29:11.0 +01:00
    }
    +createdAt: DateTimeImmutable @1699630135 {#4151
      date: 2023-11-10 16:28:55.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4155}
  +body: "These days I don’t even bother installing fail2ban or changing ssh port anymore. I’ll just disable root and password login and be done with it."
  +lang: "en"
  +isAdult: false
  +favouriteCount: 1
  +score: 0
  +lastActive: DateTime @1699638818 {#4444
    date: 2023-11-10 18:53:38.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@willybe@lemmy.ca"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4448 …}
  +nested: Doctrine\ORM\PersistentCollection {#4450 …}
  +votes: Doctrine\ORM\PersistentCollection {#4452 …}
  +reports: Doctrine\ORM\PersistentCollection {#4454 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4456 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4458 …}
  -id: 108465
  -bodyTs: "'anymor':14 'bother':7 'chang':11 'day':2 'disabl':18 'done':25 'even':6 'fail2ban':9 'instal':8 'll':16 'login':22 'password':21 'port':13 'root':19 'ssh':12"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.institute/comment/1418761"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699638818 {#4445
    date: 2023-11-10 18:53:38.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
null
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4228
  +user: App\Entity\User {#4241 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: null
  +root: null
  +body: "What @StarkZarn said is correct. Just one more thing: Did you reload/restart the sshd service after changing the configuration? If so you should be good."
  +lang: "en"
  +isAdult: false
  +favouriteCount: 1
  +score: 0
  +lastActive: DateTime @1699706825 {#4223
    date: 2023-11-11 13:47:05.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@StarkZarn"
    "@cyberwolfie@lemmy.ml"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4229 …}
  +nested: Doctrine\ORM\PersistentCollection {#4231 …}
  +votes: Doctrine\ORM\PersistentCollection {#4233 …}
  +reports: Doctrine\ORM\PersistentCollection {#4235 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4237 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4239 …}
  -id: 107881
  -bodyTs: "'chang':17 'configur':19 'correct':5 'good':25 'one':7 'reload/restart':12 'said':3 'servic':15 'sshd':14 'starkzarn':2 'thing':9"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://feddit.de/comment/4689737"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699630012 {#4224
    date: 2023-11-10 16:26:52.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4228
  +user: App\Entity\User {#4241 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: null
  +root: null
  +body: "What @StarkZarn said is correct. Just one more thing: Did you reload/restart the sshd service after changing the configuration? If so you should be good."
  +lang: "en"
  +isAdult: false
  +favouriteCount: 1
  +score: 0
  +lastActive: DateTime @1699706825 {#4223
    date: 2023-11-11 13:47:05.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@StarkZarn"
    "@cyberwolfie@lemmy.ml"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4229 …}
  +nested: Doctrine\ORM\PersistentCollection {#4231 …}
  +votes: Doctrine\ORM\PersistentCollection {#4233 …}
  +reports: Doctrine\ORM\PersistentCollection {#4235 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4237 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4239 …}
  -id: 107881
  -bodyTs: "'chang':17 'configur':19 'correct':5 'good':25 'one':7 'reload/restart':12 'said':3 'servic':15 'sshd':14 'starkzarn':2 'thing':9"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://feddit.de/comment/4689737"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699630012 {#4224
    date: 2023-11-10 16:26:52.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4228
  +user: App\Entity\User {#4241 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: null
  +root: null
  +body: "What @StarkZarn said is correct. Just one more thing: Did you reload/restart the sshd service after changing the configuration? If so you should be good."
  +lang: "en"
  +isAdult: false
  +favouriteCount: 1
  +score: 0
  +lastActive: DateTime @1699706825 {#4223
    date: 2023-11-11 13:47:05.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@StarkZarn"
    "@cyberwolfie@lemmy.ml"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4229 …}
  +nested: Doctrine\ORM\PersistentCollection {#4231 …}
  +votes: Doctrine\ORM\PersistentCollection {#4233 …}
  +reports: Doctrine\ORM\PersistentCollection {#4235 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4237 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4239 …}
  -id: 107881
  -bodyTs: "'chang':17 'configur':19 'correct':5 'good':25 'one':7 'reload/restart':12 'said':3 'servic':15 'sshd':14 'starkzarn':2 'thing':9"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://feddit.de/comment/4689737"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699630012 {#4224
    date: 2023-11-10 16:26:52.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
null
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4399
  +user: Proxies\__CG__\App\Entity\User {#1970 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4228
    +user: App\Entity\User {#4241 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: null
    +root: null
    +body: "What @StarkZarn said is correct. Just one more thing: Did you reload/restart the sshd service after changing the configuration? If so you should be good."
    +lang: "en"
    +isAdult: false
    +favouriteCount: 1
    +score: 0
    +lastActive: DateTime @1699706825 {#4223
      date: 2023-11-11 13:47:05.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@StarkZarn"
      "@cyberwolfie@lemmy.ml"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4229 …}
    +nested: Doctrine\ORM\PersistentCollection {#4231 …}
    +votes: Doctrine\ORM\PersistentCollection {#4233 …}
    +reports: Doctrine\ORM\PersistentCollection {#4235 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4237 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4239 …}
    -id: 107881
    -bodyTs: "'chang':17 'configur':19 'correct':5 'good':25 'one':7 'reload/restart':12 'said':3 'servic':15 'sshd':14 'starkzarn':2 'thing':9"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://feddit.de/comment/4689737"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699630012 {#4224
      date: 2023-11-10 16:26:52.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4228}
  +body: "Yes, this is something I did when setting up the server some time ago, and as a step in the process I rebooted the system after changing the config."
  +lang: "en"
  +isAdult: false
  +favouriteCount: 2
  +score: 0
  +lastActive: DateTime @1699630064 {#4397
    date: 2023-11-10 16:27:44.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@StarkZarn"
    "@cyberwolfie@lemmy.ml"
    "@siph@feddit.de"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4400 …}
  +nested: Doctrine\ORM\PersistentCollection {#4402 …}
  +votes: Doctrine\ORM\PersistentCollection {#4404 …}
  +reports: Doctrine\ORM\PersistentCollection {#4406 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4408 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4410 …}
  -id: 107886
  -bodyTs: "'ago':14 'chang':27 'config':29 'process':21 'reboot':23 'server':11 'set':8 'someth':4 'step':18 'system':25 'time':13 'yes':1"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ml/comment/5678213"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699630064 {#4398
    date: 2023-11-10 16:27:44.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4399
  +user: Proxies\__CG__\App\Entity\User {#1970 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4228
    +user: App\Entity\User {#4241 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: null
    +root: null
    +body: "What @StarkZarn said is correct. Just one more thing: Did you reload/restart the sshd service after changing the configuration? If so you should be good."
    +lang: "en"
    +isAdult: false
    +favouriteCount: 1
    +score: 0
    +lastActive: DateTime @1699706825 {#4223
      date: 2023-11-11 13:47:05.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@StarkZarn"
      "@cyberwolfie@lemmy.ml"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4229 …}
    +nested: Doctrine\ORM\PersistentCollection {#4231 …}
    +votes: Doctrine\ORM\PersistentCollection {#4233 …}
    +reports: Doctrine\ORM\PersistentCollection {#4235 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4237 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4239 …}
    -id: 107881
    -bodyTs: "'chang':17 'configur':19 'correct':5 'good':25 'one':7 'reload/restart':12 'said':3 'servic':15 'sshd':14 'starkzarn':2 'thing':9"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://feddit.de/comment/4689737"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699630012 {#4224
      date: 2023-11-10 16:26:52.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4228}
  +body: "Yes, this is something I did when setting up the server some time ago, and as a step in the process I rebooted the system after changing the config."
  +lang: "en"
  +isAdult: false
  +favouriteCount: 2
  +score: 0
  +lastActive: DateTime @1699630064 {#4397
    date: 2023-11-10 16:27:44.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@StarkZarn"
    "@cyberwolfie@lemmy.ml"
    "@siph@feddit.de"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4400 …}
  +nested: Doctrine\ORM\PersistentCollection {#4402 …}
  +votes: Doctrine\ORM\PersistentCollection {#4404 …}
  +reports: Doctrine\ORM\PersistentCollection {#4406 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4408 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4410 …}
  -id: 107886
  -bodyTs: "'ago':14 'chang':27 'config':29 'process':21 'reboot':23 'server':11 'set':8 'someth':4 'step':18 'system':25 'time':13 'yes':1"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ml/comment/5678213"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699630064 {#4398
    date: 2023-11-10 16:27:44.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4399
  +user: Proxies\__CG__\App\Entity\User {#1970 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4228
    +user: App\Entity\User {#4241 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: null
    +root: null
    +body: "What @StarkZarn said is correct. Just one more thing: Did you reload/restart the sshd service after changing the configuration? If so you should be good."
    +lang: "en"
    +isAdult: false
    +favouriteCount: 1
    +score: 0
    +lastActive: DateTime @1699706825 {#4223
      date: 2023-11-11 13:47:05.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@StarkZarn"
      "@cyberwolfie@lemmy.ml"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4229 …}
    +nested: Doctrine\ORM\PersistentCollection {#4231 …}
    +votes: Doctrine\ORM\PersistentCollection {#4233 …}
    +reports: Doctrine\ORM\PersistentCollection {#4235 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4237 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4239 …}
    -id: 107881
    -bodyTs: "'chang':17 'configur':19 'correct':5 'good':25 'one':7 'reload/restart':12 'said':3 'servic':15 'sshd':14 'starkzarn':2 'thing':9"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://feddit.de/comment/4689737"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699630012 {#4224
      date: 2023-11-10 16:26:52.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4228}
  +body: "Yes, this is something I did when setting up the server some time ago, and as a step in the process I rebooted the system after changing the config."
  +lang: "en"
  +isAdult: false
  +favouriteCount: 2
  +score: 0
  +lastActive: DateTime @1699630064 {#4397
    date: 2023-11-10 16:27:44.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@StarkZarn"
    "@cyberwolfie@lemmy.ml"
    "@siph@feddit.de"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4400 …}
  +nested: Doctrine\ORM\PersistentCollection {#4402 …}
  +votes: Doctrine\ORM\PersistentCollection {#4404 …}
  +reports: Doctrine\ORM\PersistentCollection {#4406 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4408 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4410 …}
  -id: 107886
  -bodyTs: "'ago':14 'chang':27 'config':29 'process':21 'reboot':23 'server':11 'set':8 'someth':4 'step':18 'system':25 'time':13 'yes':1"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ml/comment/5678213"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699630064 {#4398
    date: 2023-11-10 16:27:44.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
null
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4301
  +user: App\Entity\User {#4314 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: null
  +root: null
  +body: "That all sounds correct to me. The random port you’re seeing in the logs is a high port, often referred to as an ephemeral port, and it is common for source ports. All good there."
  +lang: "en"
  +isAdult: false
  +favouriteCount: 12
  +score: 0
  +lastActive: DateTime @1699731832 {#4296
    date: 2023-11-11 20:43:52.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4302 …}
  +nested: Doctrine\ORM\PersistentCollection {#4304 …}
  +votes: Doctrine\ORM\PersistentCollection {#4306 …}
  +reports: Doctrine\ORM\PersistentCollection {#4308 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4310 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4312 …}
  -id: 107858
  -bodyTs: "'common':30 'correct':4 'ephemer':25 'good':35 'high':18 'log':15 'often':20 'port':9,19,26,33 'random':8 're':11 'refer':21 'see':12 'sound':3 'sourc':32"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://infosec.pub/comment/4119380"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699629642 {#4297
    date: 2023-11-10 16:20:42.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4301
  +user: App\Entity\User {#4314 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: null
  +root: null
  +body: "That all sounds correct to me. The random port you’re seeing in the logs is a high port, often referred to as an ephemeral port, and it is common for source ports. All good there."
  +lang: "en"
  +isAdult: false
  +favouriteCount: 12
  +score: 0
  +lastActive: DateTime @1699731832 {#4296
    date: 2023-11-11 20:43:52.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4302 …}
  +nested: Doctrine\ORM\PersistentCollection {#4304 …}
  +votes: Doctrine\ORM\PersistentCollection {#4306 …}
  +reports: Doctrine\ORM\PersistentCollection {#4308 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4310 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4312 …}
  -id: 107858
  -bodyTs: "'common':30 'correct':4 'ephemer':25 'good':35 'high':18 'log':15 'often':20 'port':9,19,26,33 'random':8 're':11 'refer':21 'see':12 'sound':3 'sourc':32"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://infosec.pub/comment/4119380"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699629642 {#4297
    date: 2023-11-10 16:20:42.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4301
  +user: App\Entity\User {#4314 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: null
  +root: null
  +body: "That all sounds correct to me. The random port you’re seeing in the logs is a high port, often referred to as an ephemeral port, and it is common for source ports. All good there."
  +lang: "en"
  +isAdult: false
  +favouriteCount: 12
  +score: 0
  +lastActive: DateTime @1699731832 {#4296
    date: 2023-11-11 20:43:52.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4302 …}
  +nested: Doctrine\ORM\PersistentCollection {#4304 …}
  +votes: Doctrine\ORM\PersistentCollection {#4306 …}
  +reports: Doctrine\ORM\PersistentCollection {#4308 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4310 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4312 …}
  -id: 107858
  -bodyTs: "'common':30 'correct':4 'ephemer':25 'good':35 'high':18 'log':15 'often':20 'port':9,19,26,33 'random':8 're':11 'refer':21 'see':12 'sound':3 'sourc':32"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://infosec.pub/comment/4119380"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699629642 {#4297
    date: 2023-11-10 16:20:42.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
null
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4386
  +user: Proxies\__CG__\App\Entity\User {#1970 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4301
    +user: App\Entity\User {#4314 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: null
    +root: null
    +body: "That all sounds correct to me. The random port you’re seeing in the logs is a high port, often referred to as an ephemeral port, and it is common for source ports. All good there."
    +lang: "en"
    +isAdult: false
    +favouriteCount: 12
    +score: 0
    +lastActive: DateTime @1699731832 {#4296
      date: 2023-11-11 20:43:52.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4302 …}
    +nested: Doctrine\ORM\PersistentCollection {#4304 …}
    +votes: Doctrine\ORM\PersistentCollection {#4306 …}
    +reports: Doctrine\ORM\PersistentCollection {#4308 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4310 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4312 …}
    -id: 107858
    -bodyTs: "'common':30 'correct':4 'ephemer':25 'good':35 'high':18 'log':15 'often':20 'port':9,19,26,33 'random':8 're':11 'refer':21 'see':12 'sound':3 'sourc':32"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://infosec.pub/comment/4119380"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629642 {#4297
      date: 2023-11-10 16:20:42.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4301}
  +body: """
    Ok, thanks - so if I understand correctly then, it is listening on port 22 as a default, and not accepting traffic on any port.\n
    \n
    That brings of the question: wouldn’t I be better off changing the SSH-port? And is that so easy as to uncomment the `#Port 22` line in the config file and changing the port number to something random, and saving that somewhere? Would I then be able to connect by running `ssh myuser@mydomain.com:`, or would I need to do anything else to successfully connect?
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 2
  +score: 0
  +lastActive: DateTime @1699630006 {#4387
    date: 2023-11-10 16:26:46.0 +01:00
  }
  +ip: null
  +tags: [
    "port"
  ]
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@starkzarn@infosec.pub"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4382 …}
  +nested: Doctrine\ORM\PersistentCollection {#4377 …}
  +votes: Doctrine\ORM\PersistentCollection {#4381 …}
  +reports: Doctrine\ORM\PersistentCollection {#4391 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4393 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4395 …}
  -id: 107877
  -bodyTs: "'22':14,51 'abl':73 'accept':20 'anyth':86 'better':34 'bring':26 'chang':36,58 'config':55 'connect':75,90 'correct':7 'default':17 'easi':45 'els':87 'file':56 'line':52 'listen':11 'myuser@mydomain.com':79 'need':83 'number':61 'ok':1 'port':13,24,40,50,60 'question':29 'random':64 'run':77 'save':66 'someth':63 'somewher':68 'ssh':39,78 'ssh-port':38 'success':89 'thank':2 'traffic':21 'uncom':48 'understand':6 'would':69,81 'wouldn':30"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ml/comment/5678183"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699630006 {#4390
    date: 2023-11-10 16:26:46.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4386
  +user: Proxies\__CG__\App\Entity\User {#1970 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4301
    +user: App\Entity\User {#4314 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: null
    +root: null
    +body: "That all sounds correct to me. The random port you’re seeing in the logs is a high port, often referred to as an ephemeral port, and it is common for source ports. All good there."
    +lang: "en"
    +isAdult: false
    +favouriteCount: 12
    +score: 0
    +lastActive: DateTime @1699731832 {#4296
      date: 2023-11-11 20:43:52.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4302 …}
    +nested: Doctrine\ORM\PersistentCollection {#4304 …}
    +votes: Doctrine\ORM\PersistentCollection {#4306 …}
    +reports: Doctrine\ORM\PersistentCollection {#4308 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4310 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4312 …}
    -id: 107858
    -bodyTs: "'common':30 'correct':4 'ephemer':25 'good':35 'high':18 'log':15 'often':20 'port':9,19,26,33 'random':8 're':11 'refer':21 'see':12 'sound':3 'sourc':32"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://infosec.pub/comment/4119380"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629642 {#4297
      date: 2023-11-10 16:20:42.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4301}
  +body: """
    Ok, thanks - so if I understand correctly then, it is listening on port 22 as a default, and not accepting traffic on any port.\n
    \n
    That brings of the question: wouldn’t I be better off changing the SSH-port? And is that so easy as to uncomment the `#Port 22` line in the config file and changing the port number to something random, and saving that somewhere? Would I then be able to connect by running `ssh myuser@mydomain.com:`, or would I need to do anything else to successfully connect?
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 2
  +score: 0
  +lastActive: DateTime @1699630006 {#4387
    date: 2023-11-10 16:26:46.0 +01:00
  }
  +ip: null
  +tags: [
    "port"
  ]
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@starkzarn@infosec.pub"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4382 …}
  +nested: Doctrine\ORM\PersistentCollection {#4377 …}
  +votes: Doctrine\ORM\PersistentCollection {#4381 …}
  +reports: Doctrine\ORM\PersistentCollection {#4391 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4393 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4395 …}
  -id: 107877
  -bodyTs: "'22':14,51 'abl':73 'accept':20 'anyth':86 'better':34 'bring':26 'chang':36,58 'config':55 'connect':75,90 'correct':7 'default':17 'easi':45 'els':87 'file':56 'line':52 'listen':11 'myuser@mydomain.com':79 'need':83 'number':61 'ok':1 'port':13,24,40,50,60 'question':29 'random':64 'run':77 'save':66 'someth':63 'somewher':68 'ssh':39,78 'ssh-port':38 'success':89 'thank':2 'traffic':21 'uncom':48 'understand':6 'would':69,81 'wouldn':30"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ml/comment/5678183"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699630006 {#4390
    date: 2023-11-10 16:26:46.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4386
  +user: Proxies\__CG__\App\Entity\User {#1970 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4301
    +user: App\Entity\User {#4314 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: null
    +root: null
    +body: "That all sounds correct to me. The random port you’re seeing in the logs is a high port, often referred to as an ephemeral port, and it is common for source ports. All good there."
    +lang: "en"
    +isAdult: false
    +favouriteCount: 12
    +score: 0
    +lastActive: DateTime @1699731832 {#4296
      date: 2023-11-11 20:43:52.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4302 …}
    +nested: Doctrine\ORM\PersistentCollection {#4304 …}
    +votes: Doctrine\ORM\PersistentCollection {#4306 …}
    +reports: Doctrine\ORM\PersistentCollection {#4308 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4310 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4312 …}
    -id: 107858
    -bodyTs: "'common':30 'correct':4 'ephemer':25 'good':35 'high':18 'log':15 'often':20 'port':9,19,26,33 'random':8 're':11 'refer':21 'see':12 'sound':3 'sourc':32"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://infosec.pub/comment/4119380"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629642 {#4297
      date: 2023-11-10 16:20:42.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4301}
  +body: """
    Ok, thanks - so if I understand correctly then, it is listening on port 22 as a default, and not accepting traffic on any port.\n
    \n
    That brings of the question: wouldn’t I be better off changing the SSH-port? And is that so easy as to uncomment the `#Port 22` line in the config file and changing the port number to something random, and saving that somewhere? Would I then be able to connect by running `ssh myuser@mydomain.com:`, or would I need to do anything else to successfully connect?
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 2
  +score: 0
  +lastActive: DateTime @1699630006 {#4387
    date: 2023-11-10 16:26:46.0 +01:00
  }
  +ip: null
  +tags: [
    "port"
  ]
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@starkzarn@infosec.pub"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4382 …}
  +nested: Doctrine\ORM\PersistentCollection {#4377 …}
  +votes: Doctrine\ORM\PersistentCollection {#4381 …}
  +reports: Doctrine\ORM\PersistentCollection {#4391 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4393 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4395 …}
  -id: 107877
  -bodyTs: "'22':14,51 'abl':73 'accept':20 'anyth':86 'better':34 'bring':26 'chang':36,58 'config':55 'connect':75,90 'correct':7 'default':17 'easi':45 'els':87 'file':56 'line':52 'listen':11 'myuser@mydomain.com':79 'need':83 'number':61 'ok':1 'port':13,24,40,50,60 'question':29 'random':64 'run':77 'save':66 'someth':63 'somewher':68 'ssh':39,78 'ssh-port':38 'success':89 'thank':2 'traffic':21 'uncom':48 'understand':6 'would':69,81 'wouldn':30"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ml/comment/5678183"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699630006 {#4390
    date: 2023-11-10 16:26:46.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
null
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4480
  +user: App\Entity\User {#4241 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4386
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: App\Entity\EntryComment {#4301
      +user: App\Entity\User {#4314 …}
      +entry: App\Entity\Entry {#2419}
      +magazine: App\Entity\Magazine {#265}
      +image: null
      +parent: null
      +root: null
      +body: "That all sounds correct to me. The random port you’re seeing in the logs is a high port, often referred to as an ephemeral port, and it is common for source ports. All good there."
      +lang: "en"
      +isAdult: false
      +favouriteCount: 12
      +score: 0
      +lastActive: DateTime @1699731832 {#4296
        date: 2023-11-11 20:43:52.0 +01:00
      }
      +ip: null
      +tags: null
      +mentions: [
        "@cyberwolfie@lemmy.ml"
      ]
      +children: Doctrine\ORM\PersistentCollection {#4302 …}
      +nested: Doctrine\ORM\PersistentCollection {#4304 …}
      +votes: Doctrine\ORM\PersistentCollection {#4306 …}
      +reports: Doctrine\ORM\PersistentCollection {#4308 …}
      +favourites: Doctrine\ORM\PersistentCollection {#4310 …}
      +notifications: Doctrine\ORM\PersistentCollection {#4312 …}
      -id: 107858
      -bodyTs: "'common':30 'correct':4 'ephemer':25 'good':35 'high':18 'log':15 'often':20 'port':9,19,26,33 'random':8 're':11 'refer':21 'see':12 'sound':3 'sourc':32"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://infosec.pub/comment/4119380"
      +editedAt: null
      +createdAt: DateTimeImmutable @1699629642 {#4297
        date: 2023-11-10 16:20:42.0 +01:00
      }
    }
    +root: App\Entity\EntryComment {#4301}
    +body: """
      Ok, thanks - so if I understand correctly then, it is listening on port 22 as a default, and not accepting traffic on any port.\n
      \n
      That brings of the question: wouldn’t I be better off changing the SSH-port? And is that so easy as to uncomment the `#Port 22` line in the config file and changing the port number to something random, and saving that somewhere? Would I then be able to connect by running `ssh myuser@mydomain.com:`, or would I need to do anything else to successfully connect?
      """
    +lang: "en"
    +isAdult: false
    +favouriteCount: 2
    +score: 0
    +lastActive: DateTime @1699630006 {#4387
      date: 2023-11-10 16:26:46.0 +01:00
    }
    +ip: null
    +tags: [
      "port"
    ]
    +mentions: [
      "@cyberwolfie@lemmy.ml"
      "@starkzarn@infosec.pub"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4382 …}
    +nested: Doctrine\ORM\PersistentCollection {#4377 …}
    +votes: Doctrine\ORM\PersistentCollection {#4381 …}
    +reports: Doctrine\ORM\PersistentCollection {#4391 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4393 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4395 …}
    -id: 107877
    -bodyTs: "'22':14,51 'abl':73 'accept':20 'anyth':86 'better':34 'bring':26 'chang':36,58 'config':55 'connect':75,90 'correct':7 'default':17 'easi':45 'els':87 'file':56 'line':52 'listen':11 'myuser@mydomain.com':79 'need':83 'number':61 'ok':1 'port':13,24,40,50,60 'question':29 'random':64 'run':77 'save':66 'someth':63 'somewher':68 'ssh':39,78 'ssh-port':38 'success':89 'thank':2 'traffic':21 'uncom':48 'understand':6 'would':69,81 'wouldn':30"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://lemmy.ml/comment/5678183"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699630006 {#4390
      date: 2023-11-10 16:26:46.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4301}
  +body: "You would need to specify the new port when using ssh (using the -p$PORT option). Just keep in mind that security through obscurity is not considered secure in itself. You could instead consider a service like fail2ban that automatically blocks connections from certain sources depending on your set parameters."
  +lang: "en"
  +isAdult: false
  +favouriteCount: 10
  +score: 0
  +lastActive: DateTime @1699630241 {#4479
    date: 2023-11-10 16:30:41.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@starkzarn@infosec.pub"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4484 …}
  +nested: Doctrine\ORM\PersistentCollection {#4490 …}
  +votes: Doctrine\ORM\PersistentCollection {#4486 …}
  +reports: Doctrine\ORM\PersistentCollection {#4491 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4493 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4495 …}
  -id: 107899
  -bodyTs: "'automat':40 'block':41 'certain':44 'connect':42 'consid':27,34 'could':32 'depend':46 'fail2ban':38 'instead':33 'keep':18 'like':37 'mind':20 'need':3 'new':7 'obscur':24 'option':16 'p':14 'paramet':50 'port':8,15 'secur':22,28 'servic':36 'set':49 'sourc':45 'specifi':5 'ssh':11 'use':10,12 'would':2"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://feddit.de/comment/4689891"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699630241 {#4476
    date: 2023-11-10 16:30:41.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4480
  +user: App\Entity\User {#4241 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4386
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: App\Entity\EntryComment {#4301
      +user: App\Entity\User {#4314 …}
      +entry: App\Entity\Entry {#2419}
      +magazine: App\Entity\Magazine {#265}
      +image: null
      +parent: null
      +root: null
      +body: "That all sounds correct to me. The random port you’re seeing in the logs is a high port, often referred to as an ephemeral port, and it is common for source ports. All good there."
      +lang: "en"
      +isAdult: false
      +favouriteCount: 12
      +score: 0
      +lastActive: DateTime @1699731832 {#4296
        date: 2023-11-11 20:43:52.0 +01:00
      }
      +ip: null
      +tags: null
      +mentions: [
        "@cyberwolfie@lemmy.ml"
      ]
      +children: Doctrine\ORM\PersistentCollection {#4302 …}
      +nested: Doctrine\ORM\PersistentCollection {#4304 …}
      +votes: Doctrine\ORM\PersistentCollection {#4306 …}
      +reports: Doctrine\ORM\PersistentCollection {#4308 …}
      +favourites: Doctrine\ORM\PersistentCollection {#4310 …}
      +notifications: Doctrine\ORM\PersistentCollection {#4312 …}
      -id: 107858
      -bodyTs: "'common':30 'correct':4 'ephemer':25 'good':35 'high':18 'log':15 'often':20 'port':9,19,26,33 'random':8 're':11 'refer':21 'see':12 'sound':3 'sourc':32"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://infosec.pub/comment/4119380"
      +editedAt: null
      +createdAt: DateTimeImmutable @1699629642 {#4297
        date: 2023-11-10 16:20:42.0 +01:00
      }
    }
    +root: App\Entity\EntryComment {#4301}
    +body: """
      Ok, thanks - so if I understand correctly then, it is listening on port 22 as a default, and not accepting traffic on any port.\n
      \n
      That brings of the question: wouldn’t I be better off changing the SSH-port? And is that so easy as to uncomment the `#Port 22` line in the config file and changing the port number to something random, and saving that somewhere? Would I then be able to connect by running `ssh myuser@mydomain.com:`, or would I need to do anything else to successfully connect?
      """
    +lang: "en"
    +isAdult: false
    +favouriteCount: 2
    +score: 0
    +lastActive: DateTime @1699630006 {#4387
      date: 2023-11-10 16:26:46.0 +01:00
    }
    +ip: null
    +tags: [
      "port"
    ]
    +mentions: [
      "@cyberwolfie@lemmy.ml"
      "@starkzarn@infosec.pub"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4382 …}
    +nested: Doctrine\ORM\PersistentCollection {#4377 …}
    +votes: Doctrine\ORM\PersistentCollection {#4381 …}
    +reports: Doctrine\ORM\PersistentCollection {#4391 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4393 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4395 …}
    -id: 107877
    -bodyTs: "'22':14,51 'abl':73 'accept':20 'anyth':86 'better':34 'bring':26 'chang':36,58 'config':55 'connect':75,90 'correct':7 'default':17 'easi':45 'els':87 'file':56 'line':52 'listen':11 'myuser@mydomain.com':79 'need':83 'number':61 'ok':1 'port':13,24,40,50,60 'question':29 'random':64 'run':77 'save':66 'someth':63 'somewher':68 'ssh':39,78 'ssh-port':38 'success':89 'thank':2 'traffic':21 'uncom':48 'understand':6 'would':69,81 'wouldn':30"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://lemmy.ml/comment/5678183"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699630006 {#4390
      date: 2023-11-10 16:26:46.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4301}
  +body: "You would need to specify the new port when using ssh (using the -p$PORT option). Just keep in mind that security through obscurity is not considered secure in itself. You could instead consider a service like fail2ban that automatically blocks connections from certain sources depending on your set parameters."
  +lang: "en"
  +isAdult: false
  +favouriteCount: 10
  +score: 0
  +lastActive: DateTime @1699630241 {#4479
    date: 2023-11-10 16:30:41.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@starkzarn@infosec.pub"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4484 …}
  +nested: Doctrine\ORM\PersistentCollection {#4490 …}
  +votes: Doctrine\ORM\PersistentCollection {#4486 …}
  +reports: Doctrine\ORM\PersistentCollection {#4491 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4493 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4495 …}
  -id: 107899
  -bodyTs: "'automat':40 'block':41 'certain':44 'connect':42 'consid':27,34 'could':32 'depend':46 'fail2ban':38 'instead':33 'keep':18 'like':37 'mind':20 'need':3 'new':7 'obscur':24 'option':16 'p':14 'paramet':50 'port':8,15 'secur':22,28 'servic':36 'set':49 'sourc':45 'specifi':5 'ssh':11 'use':10,12 'would':2"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://feddit.de/comment/4689891"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699630241 {#4476
    date: 2023-11-10 16:30:41.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4480
  +user: App\Entity\User {#4241 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4386
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: App\Entity\EntryComment {#4301
      +user: App\Entity\User {#4314 …}
      +entry: App\Entity\Entry {#2419}
      +magazine: App\Entity\Magazine {#265}
      +image: null
      +parent: null
      +root: null
      +body: "That all sounds correct to me. The random port you’re seeing in the logs is a high port, often referred to as an ephemeral port, and it is common for source ports. All good there."
      +lang: "en"
      +isAdult: false
      +favouriteCount: 12
      +score: 0
      +lastActive: DateTime @1699731832 {#4296
        date: 2023-11-11 20:43:52.0 +01:00
      }
      +ip: null
      +tags: null
      +mentions: [
        "@cyberwolfie@lemmy.ml"
      ]
      +children: Doctrine\ORM\PersistentCollection {#4302 …}
      +nested: Doctrine\ORM\PersistentCollection {#4304 …}
      +votes: Doctrine\ORM\PersistentCollection {#4306 …}
      +reports: Doctrine\ORM\PersistentCollection {#4308 …}
      +favourites: Doctrine\ORM\PersistentCollection {#4310 …}
      +notifications: Doctrine\ORM\PersistentCollection {#4312 …}
      -id: 107858
      -bodyTs: "'common':30 'correct':4 'ephemer':25 'good':35 'high':18 'log':15 'often':20 'port':9,19,26,33 'random':8 're':11 'refer':21 'see':12 'sound':3 'sourc':32"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://infosec.pub/comment/4119380"
      +editedAt: null
      +createdAt: DateTimeImmutable @1699629642 {#4297
        date: 2023-11-10 16:20:42.0 +01:00
      }
    }
    +root: App\Entity\EntryComment {#4301}
    +body: """
      Ok, thanks - so if I understand correctly then, it is listening on port 22 as a default, and not accepting traffic on any port.\n
      \n
      That brings of the question: wouldn’t I be better off changing the SSH-port? And is that so easy as to uncomment the `#Port 22` line in the config file and changing the port number to something random, and saving that somewhere? Would I then be able to connect by running `ssh myuser@mydomain.com:`, or would I need to do anything else to successfully connect?
      """
    +lang: "en"
    +isAdult: false
    +favouriteCount: 2
    +score: 0
    +lastActive: DateTime @1699630006 {#4387
      date: 2023-11-10 16:26:46.0 +01:00
    }
    +ip: null
    +tags: [
      "port"
    ]
    +mentions: [
      "@cyberwolfie@lemmy.ml"
      "@starkzarn@infosec.pub"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4382 …}
    +nested: Doctrine\ORM\PersistentCollection {#4377 …}
    +votes: Doctrine\ORM\PersistentCollection {#4381 …}
    +reports: Doctrine\ORM\PersistentCollection {#4391 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4393 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4395 …}
    -id: 107877
    -bodyTs: "'22':14,51 'abl':73 'accept':20 'anyth':86 'better':34 'bring':26 'chang':36,58 'config':55 'connect':75,90 'correct':7 'default':17 'easi':45 'els':87 'file':56 'line':52 'listen':11 'myuser@mydomain.com':79 'need':83 'number':61 'ok':1 'port':13,24,40,50,60 'question':29 'random':64 'run':77 'save':66 'someth':63 'somewher':68 'ssh':39,78 'ssh-port':38 'success':89 'thank':2 'traffic':21 'uncom':48 'understand':6 'would':69,81 'wouldn':30"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://lemmy.ml/comment/5678183"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699630006 {#4390
      date: 2023-11-10 16:26:46.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4301}
  +body: "You would need to specify the new port when using ssh (using the -p$PORT option). Just keep in mind that security through obscurity is not considered secure in itself. You could instead consider a service like fail2ban that automatically blocks connections from certain sources depending on your set parameters."
  +lang: "en"
  +isAdult: false
  +favouriteCount: 10
  +score: 0
  +lastActive: DateTime @1699630241 {#4479
    date: 2023-11-10 16:30:41.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@starkzarn@infosec.pub"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4484 …}
  +nested: Doctrine\ORM\PersistentCollection {#4490 …}
  +votes: Doctrine\ORM\PersistentCollection {#4486 …}
  +reports: Doctrine\ORM\PersistentCollection {#4491 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4493 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4495 …}
  -id: 107899
  -bodyTs: "'automat':40 'block':41 'certain':44 'connect':42 'consid':27,34 'could':32 'depend':46 'fail2ban':38 'instead':33 'keep':18 'like':37 'mind':20 'need':3 'new':7 'obscur':24 'option':16 'p':14 'paramet':50 'port':8,15 'secur':22,28 'servic':36 'set':49 'sourc':45 'specifi':5 'ssh':11 'use':10,12 'would':2"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://feddit.de/comment/4689891"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699630241 {#4476
    date: 2023-11-10 16:30:41.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
null
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4550
  +user: Proxies\__CG__\App\Entity\User {#4553 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4480
    +user: App\Entity\User {#4241 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: App\Entity\EntryComment {#4386
      +user: Proxies\__CG__\App\Entity\User {#1970 …}
      +entry: App\Entity\Entry {#2419}
      +magazine: App\Entity\Magazine {#265}
      +image: null
      +parent: App\Entity\EntryComment {#4301
        +user: App\Entity\User {#4314 …}
        +entry: App\Entity\Entry {#2419}
        +magazine: App\Entity\Magazine {#265}
        +image: null
        +parent: null
        +root: null
        +body: "That all sounds correct to me. The random port you’re seeing in the logs is a high port, often referred to as an ephemeral port, and it is common for source ports. All good there."
        +lang: "en"
        +isAdult: false
        +favouriteCount: 12
        +score: 0
        +lastActive: DateTime @1699731832 {#4296
          date: 2023-11-11 20:43:52.0 +01:00
        }
        +ip: null
        +tags: null
        +mentions: [
          "@cyberwolfie@lemmy.ml"
        ]
        +children: Doctrine\ORM\PersistentCollection {#4302 …}
        +nested: Doctrine\ORM\PersistentCollection {#4304 …}
        +votes: Doctrine\ORM\PersistentCollection {#4306 …}
        +reports: Doctrine\ORM\PersistentCollection {#4308 …}
        +favourites: Doctrine\ORM\PersistentCollection {#4310 …}
        +notifications: Doctrine\ORM\PersistentCollection {#4312 …}
        -id: 107858
        -bodyTs: "'common':30 'correct':4 'ephemer':25 'good':35 'high':18 'log':15 'often':20 'port':9,19,26,33 'random':8 're':11 'refer':21 'see':12 'sound':3 'sourc':32"
        +ranking: 0
        +commentCount: 0
        +upVotes: 0
        +downVotes: 0
        +visibility: "visible             "
        +apId: "https://infosec.pub/comment/4119380"
        +editedAt: null
        +createdAt: DateTimeImmutable @1699629642 {#4297
          date: 2023-11-10 16:20:42.0 +01:00
        }
      }
      +root: App\Entity\EntryComment {#4301}
      +body: """
        Ok, thanks - so if I understand correctly then, it is listening on port 22 as a default, and not accepting traffic on any port.\n
        \n
        That brings of the question: wouldn’t I be better off changing the SSH-port? And is that so easy as to uncomment the `#Port 22` line in the config file and changing the port number to something random, and saving that somewhere? Would I then be able to connect by running `ssh myuser@mydomain.com:`, or would I need to do anything else to successfully connect?
        """
      +lang: "en"
      +isAdult: false
      +favouriteCount: 2
      +score: 0
      +lastActive: DateTime @1699630006 {#4387
        date: 2023-11-10 16:26:46.0 +01:00
      }
      +ip: null
      +tags: [
        "port"
      ]
      +mentions: [
        "@cyberwolfie@lemmy.ml"
        "@starkzarn@infosec.pub"
      ]
      +children: Doctrine\ORM\PersistentCollection {#4382 …}
      +nested: Doctrine\ORM\PersistentCollection {#4377 …}
      +votes: Doctrine\ORM\PersistentCollection {#4381 …}
      +reports: Doctrine\ORM\PersistentCollection {#4391 …}
      +favourites: Doctrine\ORM\PersistentCollection {#4393 …}
      +notifications: Doctrine\ORM\PersistentCollection {#4395 …}
      -id: 107877
      -bodyTs: "'22':14,51 'abl':73 'accept':20 'anyth':86 'better':34 'bring':26 'chang':36,58 'config':55 'connect':75,90 'correct':7 'default':17 'easi':45 'els':87 'file':56 'line':52 'listen':11 'myuser@mydomain.com':79 'need':83 'number':61 'ok':1 'port':13,24,40,50,60 'question':29 'random':64 'run':77 'save':66 'someth':63 'somewher':68 'ssh':39,78 'ssh-port':38 'success':89 'thank':2 'traffic':21 'uncom':48 'understand':6 'would':69,81 'wouldn':30"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://lemmy.ml/comment/5678183"
      +editedAt: null
      +createdAt: DateTimeImmutable @1699630006 {#4390
        date: 2023-11-10 16:26:46.0 +01:00
      }
    }
    +root: App\Entity\EntryComment {#4301}
    +body: "You would need to specify the new port when using ssh (using the -p$PORT option). Just keep in mind that security through obscurity is not considered secure in itself. You could instead consider a service like fail2ban that automatically blocks connections from certain sources depending on your set parameters."
    +lang: "en"
    +isAdult: false
    +favouriteCount: 10
    +score: 0
    +lastActive: DateTime @1699630241 {#4479
      date: 2023-11-10 16:30:41.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
      "@starkzarn@infosec.pub"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4484 …}
    +nested: Doctrine\ORM\PersistentCollection {#4490 …}
    +votes: Doctrine\ORM\PersistentCollection {#4486 …}
    +reports: Doctrine\ORM\PersistentCollection {#4491 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4493 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4495 …}
    -id: 107899
    -bodyTs: "'automat':40 'block':41 'certain':44 'connect':42 'consid':27,34 'could':32 'depend':46 'fail2ban':38 'instead':33 'keep':18 'like':37 'mind':20 'need':3 'new':7 'obscur':24 'option':16 'p':14 'paramet':50 'port':8,15 'secur':22,28 'servic':36 'set':49 'sourc':45 'specifi':5 'ssh':11 'use':10,12 'would':2"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://feddit.de/comment/4689891"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699630241 {#4476
      date: 2023-11-10 16:30:41.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4301}
  +body: """
    > You would need to specify the new port when using ssh (using the -p$PORT option).\n
    \n
    You can put a host entry for it in .ssh/config specifying the port.
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 5
  +score: 0
  +lastActive: DateTime @1699646877 {#4549
    date: 2023-11-10 21:07:57.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@starkzarn@infosec.pub"
    "@siph@feddit.de"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4557 …}
  +nested: Doctrine\ORM\PersistentCollection {#4559 …}
  +votes: Doctrine\ORM\PersistentCollection {#4555 …}
  +reports: Doctrine\ORM\PersistentCollection {#4561 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4563 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4565 …}
  -id: 108888
  -bodyTs: "'entri':22 'host':21 'need':3 'new':7 'option':16 'p':14 'port':8,15,29 'put':19 'specifi':5,27 'ssh':11 'ssh/config':26 'use':10,12 'would':2"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.world/comment/5216607"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699646877 {#4546
    date: 2023-11-10 21:07:57.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4550
  +user: Proxies\__CG__\App\Entity\User {#4553 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4480
    +user: App\Entity\User {#4241 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: App\Entity\EntryComment {#4386
      +user: Proxies\__CG__\App\Entity\User {#1970 …}
      +entry: App\Entity\Entry {#2419}
      +magazine: App\Entity\Magazine {#265}
      +image: null
      +parent: App\Entity\EntryComment {#4301
        +user: App\Entity\User {#4314 …}
        +entry: App\Entity\Entry {#2419}
        +magazine: App\Entity\Magazine {#265}
        +image: null
        +parent: null
        +root: null
        +body: "That all sounds correct to me. The random port you’re seeing in the logs is a high port, often referred to as an ephemeral port, and it is common for source ports. All good there."
        +lang: "en"
        +isAdult: false
        +favouriteCount: 12
        +score: 0
        +lastActive: DateTime @1699731832 {#4296
          date: 2023-11-11 20:43:52.0 +01:00
        }
        +ip: null
        +tags: null
        +mentions: [
          "@cyberwolfie@lemmy.ml"
        ]
        +children: Doctrine\ORM\PersistentCollection {#4302 …}
        +nested: Doctrine\ORM\PersistentCollection {#4304 …}
        +votes: Doctrine\ORM\PersistentCollection {#4306 …}
        +reports: Doctrine\ORM\PersistentCollection {#4308 …}
        +favourites: Doctrine\ORM\PersistentCollection {#4310 …}
        +notifications: Doctrine\ORM\PersistentCollection {#4312 …}
        -id: 107858
        -bodyTs: "'common':30 'correct':4 'ephemer':25 'good':35 'high':18 'log':15 'often':20 'port':9,19,26,33 'random':8 're':11 'refer':21 'see':12 'sound':3 'sourc':32"
        +ranking: 0
        +commentCount: 0
        +upVotes: 0
        +downVotes: 0
        +visibility: "visible             "
        +apId: "https://infosec.pub/comment/4119380"
        +editedAt: null
        +createdAt: DateTimeImmutable @1699629642 {#4297
          date: 2023-11-10 16:20:42.0 +01:00
        }
      }
      +root: App\Entity\EntryComment {#4301}
      +body: """
        Ok, thanks - so if I understand correctly then, it is listening on port 22 as a default, and not accepting traffic on any port.\n
        \n
        That brings of the question: wouldn’t I be better off changing the SSH-port? And is that so easy as to uncomment the `#Port 22` line in the config file and changing the port number to something random, and saving that somewhere? Would I then be able to connect by running `ssh myuser@mydomain.com:`, or would I need to do anything else to successfully connect?
        """
      +lang: "en"
      +isAdult: false
      +favouriteCount: 2
      +score: 0
      +lastActive: DateTime @1699630006 {#4387
        date: 2023-11-10 16:26:46.0 +01:00
      }
      +ip: null
      +tags: [
        "port"
      ]
      +mentions: [
        "@cyberwolfie@lemmy.ml"
        "@starkzarn@infosec.pub"
      ]
      +children: Doctrine\ORM\PersistentCollection {#4382 …}
      +nested: Doctrine\ORM\PersistentCollection {#4377 …}
      +votes: Doctrine\ORM\PersistentCollection {#4381 …}
      +reports: Doctrine\ORM\PersistentCollection {#4391 …}
      +favourites: Doctrine\ORM\PersistentCollection {#4393 …}
      +notifications: Doctrine\ORM\PersistentCollection {#4395 …}
      -id: 107877
      -bodyTs: "'22':14,51 'abl':73 'accept':20 'anyth':86 'better':34 'bring':26 'chang':36,58 'config':55 'connect':75,90 'correct':7 'default':17 'easi':45 'els':87 'file':56 'line':52 'listen':11 'myuser@mydomain.com':79 'need':83 'number':61 'ok':1 'port':13,24,40,50,60 'question':29 'random':64 'run':77 'save':66 'someth':63 'somewher':68 'ssh':39,78 'ssh-port':38 'success':89 'thank':2 'traffic':21 'uncom':48 'understand':6 'would':69,81 'wouldn':30"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://lemmy.ml/comment/5678183"
      +editedAt: null
      +createdAt: DateTimeImmutable @1699630006 {#4390
        date: 2023-11-10 16:26:46.0 +01:00
      }
    }
    +root: App\Entity\EntryComment {#4301}
    +body: "You would need to specify the new port when using ssh (using the -p$PORT option). Just keep in mind that security through obscurity is not considered secure in itself. You could instead consider a service like fail2ban that automatically blocks connections from certain sources depending on your set parameters."
    +lang: "en"
    +isAdult: false
    +favouriteCount: 10
    +score: 0
    +lastActive: DateTime @1699630241 {#4479
      date: 2023-11-10 16:30:41.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
      "@starkzarn@infosec.pub"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4484 …}
    +nested: Doctrine\ORM\PersistentCollection {#4490 …}
    +votes: Doctrine\ORM\PersistentCollection {#4486 …}
    +reports: Doctrine\ORM\PersistentCollection {#4491 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4493 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4495 …}
    -id: 107899
    -bodyTs: "'automat':40 'block':41 'certain':44 'connect':42 'consid':27,34 'could':32 'depend':46 'fail2ban':38 'instead':33 'keep':18 'like':37 'mind':20 'need':3 'new':7 'obscur':24 'option':16 'p':14 'paramet':50 'port':8,15 'secur':22,28 'servic':36 'set':49 'sourc':45 'specifi':5 'ssh':11 'use':10,12 'would':2"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://feddit.de/comment/4689891"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699630241 {#4476
      date: 2023-11-10 16:30:41.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4301}
  +body: """
    > You would need to specify the new port when using ssh (using the -p$PORT option).\n
    \n
    You can put a host entry for it in .ssh/config specifying the port.
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 5
  +score: 0
  +lastActive: DateTime @1699646877 {#4549
    date: 2023-11-10 21:07:57.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@starkzarn@infosec.pub"
    "@siph@feddit.de"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4557 …}
  +nested: Doctrine\ORM\PersistentCollection {#4559 …}
  +votes: Doctrine\ORM\PersistentCollection {#4555 …}
  +reports: Doctrine\ORM\PersistentCollection {#4561 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4563 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4565 …}
  -id: 108888
  -bodyTs: "'entri':22 'host':21 'need':3 'new':7 'option':16 'p':14 'port':8,15,29 'put':19 'specifi':5,27 'ssh':11 'ssh/config':26 'use':10,12 'would':2"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.world/comment/5216607"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699646877 {#4546
    date: 2023-11-10 21:07:57.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4550
  +user: Proxies\__CG__\App\Entity\User {#4553 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4480
    +user: App\Entity\User {#4241 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: App\Entity\EntryComment {#4386
      +user: Proxies\__CG__\App\Entity\User {#1970 …}
      +entry: App\Entity\Entry {#2419}
      +magazine: App\Entity\Magazine {#265}
      +image: null
      +parent: App\Entity\EntryComment {#4301
        +user: App\Entity\User {#4314 …}
        +entry: App\Entity\Entry {#2419}
        +magazine: App\Entity\Magazine {#265}
        +image: null
        +parent: null
        +root: null
        +body: "That all sounds correct to me. The random port you’re seeing in the logs is a high port, often referred to as an ephemeral port, and it is common for source ports. All good there."
        +lang: "en"
        +isAdult: false
        +favouriteCount: 12
        +score: 0
        +lastActive: DateTime @1699731832 {#4296
          date: 2023-11-11 20:43:52.0 +01:00
        }
        +ip: null
        +tags: null
        +mentions: [
          "@cyberwolfie@lemmy.ml"
        ]
        +children: Doctrine\ORM\PersistentCollection {#4302 …}
        +nested: Doctrine\ORM\PersistentCollection {#4304 …}
        +votes: Doctrine\ORM\PersistentCollection {#4306 …}
        +reports: Doctrine\ORM\PersistentCollection {#4308 …}
        +favourites: Doctrine\ORM\PersistentCollection {#4310 …}
        +notifications: Doctrine\ORM\PersistentCollection {#4312 …}
        -id: 107858
        -bodyTs: "'common':30 'correct':4 'ephemer':25 'good':35 'high':18 'log':15 'often':20 'port':9,19,26,33 'random':8 're':11 'refer':21 'see':12 'sound':3 'sourc':32"
        +ranking: 0
        +commentCount: 0
        +upVotes: 0
        +downVotes: 0
        +visibility: "visible             "
        +apId: "https://infosec.pub/comment/4119380"
        +editedAt: null
        +createdAt: DateTimeImmutable @1699629642 {#4297
          date: 2023-11-10 16:20:42.0 +01:00
        }
      }
      +root: App\Entity\EntryComment {#4301}
      +body: """
        Ok, thanks - so if I understand correctly then, it is listening on port 22 as a default, and not accepting traffic on any port.\n
        \n
        That brings of the question: wouldn’t I be better off changing the SSH-port? And is that so easy as to uncomment the `#Port 22` line in the config file and changing the port number to something random, and saving that somewhere? Would I then be able to connect by running `ssh myuser@mydomain.com:`, or would I need to do anything else to successfully connect?
        """
      +lang: "en"
      +isAdult: false
      +favouriteCount: 2
      +score: 0
      +lastActive: DateTime @1699630006 {#4387
        date: 2023-11-10 16:26:46.0 +01:00
      }
      +ip: null
      +tags: [
        "port"
      ]
      +mentions: [
        "@cyberwolfie@lemmy.ml"
        "@starkzarn@infosec.pub"
      ]
      +children: Doctrine\ORM\PersistentCollection {#4382 …}
      +nested: Doctrine\ORM\PersistentCollection {#4377 …}
      +votes: Doctrine\ORM\PersistentCollection {#4381 …}
      +reports: Doctrine\ORM\PersistentCollection {#4391 …}
      +favourites: Doctrine\ORM\PersistentCollection {#4393 …}
      +notifications: Doctrine\ORM\PersistentCollection {#4395 …}
      -id: 107877
      -bodyTs: "'22':14,51 'abl':73 'accept':20 'anyth':86 'better':34 'bring':26 'chang':36,58 'config':55 'connect':75,90 'correct':7 'default':17 'easi':45 'els':87 'file':56 'line':52 'listen':11 'myuser@mydomain.com':79 'need':83 'number':61 'ok':1 'port':13,24,40,50,60 'question':29 'random':64 'run':77 'save':66 'someth':63 'somewher':68 'ssh':39,78 'ssh-port':38 'success':89 'thank':2 'traffic':21 'uncom':48 'understand':6 'would':69,81 'wouldn':30"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://lemmy.ml/comment/5678183"
      +editedAt: null
      +createdAt: DateTimeImmutable @1699630006 {#4390
        date: 2023-11-10 16:26:46.0 +01:00
      }
    }
    +root: App\Entity\EntryComment {#4301}
    +body: "You would need to specify the new port when using ssh (using the -p$PORT option). Just keep in mind that security through obscurity is not considered secure in itself. You could instead consider a service like fail2ban that automatically blocks connections from certain sources depending on your set parameters."
    +lang: "en"
    +isAdult: false
    +favouriteCount: 10
    +score: 0
    +lastActive: DateTime @1699630241 {#4479
      date: 2023-11-10 16:30:41.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
      "@starkzarn@infosec.pub"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4484 …}
    +nested: Doctrine\ORM\PersistentCollection {#4490 …}
    +votes: Doctrine\ORM\PersistentCollection {#4486 …}
    +reports: Doctrine\ORM\PersistentCollection {#4491 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4493 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4495 …}
    -id: 107899
    -bodyTs: "'automat':40 'block':41 'certain':44 'connect':42 'consid':27,34 'could':32 'depend':46 'fail2ban':38 'instead':33 'keep':18 'like':37 'mind':20 'need':3 'new':7 'obscur':24 'option':16 'p':14 'paramet':50 'port':8,15 'secur':22,28 'servic':36 'set':49 'sourc':45 'specifi':5 'ssh':11 'use':10,12 'would':2"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://feddit.de/comment/4689891"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699630241 {#4476
      date: 2023-11-10 16:30:41.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4301}
  +body: """
    > You would need to specify the new port when using ssh (using the -p$PORT option).\n
    \n
    You can put a host entry for it in .ssh/config specifying the port.
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 5
  +score: 0
  +lastActive: DateTime @1699646877 {#4549
    date: 2023-11-10 21:07:57.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@starkzarn@infosec.pub"
    "@siph@feddit.de"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4557 …}
  +nested: Doctrine\ORM\PersistentCollection {#4559 …}
  +votes: Doctrine\ORM\PersistentCollection {#4555 …}
  +reports: Doctrine\ORM\PersistentCollection {#4561 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4563 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4565 …}
  -id: 108888
  -bodyTs: "'entri':22 'host':21 'need':3 'new':7 'option':16 'p':14 'port':8,15,29 'put':19 'specifi':5,27 'ssh':11 'ssh/config':26 'use':10,12 'would':2"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.world/comment/5216607"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699646877 {#4546
    date: 2023-11-10 21:07:57.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
null
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4569
  +user: Proxies\__CG__\App\Entity\User {#1970 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4480
    +user: App\Entity\User {#4241 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: App\Entity\EntryComment {#4386
      +user: Proxies\__CG__\App\Entity\User {#1970 …}
      +entry: App\Entity\Entry {#2419}
      +magazine: App\Entity\Magazine {#265}
      +image: null
      +parent: App\Entity\EntryComment {#4301
        +user: App\Entity\User {#4314 …}
        +entry: App\Entity\Entry {#2419}
        +magazine: App\Entity\Magazine {#265}
        +image: null
        +parent: null
        +root: null
        +body: "That all sounds correct to me. The random port you’re seeing in the logs is a high port, often referred to as an ephemeral port, and it is common for source ports. All good there."
        +lang: "en"
        +isAdult: false
        +favouriteCount: 12
        +score: 0
        +lastActive: DateTime @1699731832 {#4296
          date: 2023-11-11 20:43:52.0 +01:00
        }
        +ip: null
        +tags: null
        +mentions: [
          "@cyberwolfie@lemmy.ml"
        ]
        +children: Doctrine\ORM\PersistentCollection {#4302 …}
        +nested: Doctrine\ORM\PersistentCollection {#4304 …}
        +votes: Doctrine\ORM\PersistentCollection {#4306 …}
        +reports: Doctrine\ORM\PersistentCollection {#4308 …}
        +favourites: Doctrine\ORM\PersistentCollection {#4310 …}
        +notifications: Doctrine\ORM\PersistentCollection {#4312 …}
        -id: 107858
        -bodyTs: "'common':30 'correct':4 'ephemer':25 'good':35 'high':18 'log':15 'often':20 'port':9,19,26,33 'random':8 're':11 'refer':21 'see':12 'sound':3 'sourc':32"
        +ranking: 0
        +commentCount: 0
        +upVotes: 0
        +downVotes: 0
        +visibility: "visible             "
        +apId: "https://infosec.pub/comment/4119380"
        +editedAt: null
        +createdAt: DateTimeImmutable @1699629642 {#4297
          date: 2023-11-10 16:20:42.0 +01:00
        }
      }
      +root: App\Entity\EntryComment {#4301}
      +body: """
        Ok, thanks - so if I understand correctly then, it is listening on port 22 as a default, and not accepting traffic on any port.\n
        \n
        That brings of the question: wouldn’t I be better off changing the SSH-port? And is that so easy as to uncomment the `#Port 22` line in the config file and changing the port number to something random, and saving that somewhere? Would I then be able to connect by running `ssh myuser@mydomain.com:`, or would I need to do anything else to successfully connect?
        """
      +lang: "en"
      +isAdult: false
      +favouriteCount: 2
      +score: 0
      +lastActive: DateTime @1699630006 {#4387
        date: 2023-11-10 16:26:46.0 +01:00
      }
      +ip: null
      +tags: [
        "port"
      ]
      +mentions: [
        "@cyberwolfie@lemmy.ml"
        "@starkzarn@infosec.pub"
      ]
      +children: Doctrine\ORM\PersistentCollection {#4382 …}
      +nested: Doctrine\ORM\PersistentCollection {#4377 …}
      +votes: Doctrine\ORM\PersistentCollection {#4381 …}
      +reports: Doctrine\ORM\PersistentCollection {#4391 …}
      +favourites: Doctrine\ORM\PersistentCollection {#4393 …}
      +notifications: Doctrine\ORM\PersistentCollection {#4395 …}
      -id: 107877
      -bodyTs: "'22':14,51 'abl':73 'accept':20 'anyth':86 'better':34 'bring':26 'chang':36,58 'config':55 'connect':75,90 'correct':7 'default':17 'easi':45 'els':87 'file':56 'line':52 'listen':11 'myuser@mydomain.com':79 'need':83 'number':61 'ok':1 'port':13,24,40,50,60 'question':29 'random':64 'run':77 'save':66 'someth':63 'somewher':68 'ssh':39,78 'ssh-port':38 'success':89 'thank':2 'traffic':21 'uncom':48 'understand':6 'would':69,81 'wouldn':30"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://lemmy.ml/comment/5678183"
      +editedAt: null
      +createdAt: DateTimeImmutable @1699630006 {#4390
        date: 2023-11-10 16:26:46.0 +01:00
      }
    }
    +root: App\Entity\EntryComment {#4301}
    +body: "You would need to specify the new port when using ssh (using the -p$PORT option). Just keep in mind that security through obscurity is not considered secure in itself. You could instead consider a service like fail2ban that automatically blocks connections from certain sources depending on your set parameters."
    +lang: "en"
    +isAdult: false
    +favouriteCount: 10
    +score: 0
    +lastActive: DateTime @1699630241 {#4479
      date: 2023-11-10 16:30:41.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
      "@starkzarn@infosec.pub"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4484 …}
    +nested: Doctrine\ORM\PersistentCollection {#4490 …}
    +votes: Doctrine\ORM\PersistentCollection {#4486 …}
    +reports: Doctrine\ORM\PersistentCollection {#4491 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4493 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4495 …}
    -id: 107899
    -bodyTs: "'automat':40 'block':41 'certain':44 'connect':42 'consid':27,34 'could':32 'depend':46 'fail2ban':38 'instead':33 'keep':18 'like':37 'mind':20 'need':3 'new':7 'obscur':24 'option':16 'p':14 'paramet':50 'port':8,15 'secur':22,28 'servic':36 'set':49 'sourc':45 'specifi':5 'ssh':11 'use':10,12 'would':2"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://feddit.de/comment/4689891"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699630241 {#4476
      date: 2023-11-10 16:30:41.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4301}
  +body: """
    > Just keep in mind that security through obscurity is not considered secure in itself.\n
    \n
    Do you consider it to not be a helpful measure to take at all?\n
    \n
    I have fail2ban configured - since it is reading from the auth.log, I guess I would not have to make any changes to the configuration there to have it work with a new port?
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 2
  +score: 0
  +lastActive: DateTime @1699630798 {#4567
    date: 2023-11-10 16:39:58.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@starkzarn@infosec.pub"
    "@siph@feddit.de"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4570 …}
  +nested: Doctrine\ORM\PersistentCollection {#4572 …}
  +votes: Doctrine\ORM\PersistentCollection {#4574 …}
  +reports: Doctrine\ORM\PersistentCollection {#4576 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4578 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4580 …}
  -id: 107935
  -bodyTs: "'auth.log':39 'chang':49 'configur':32,52 'consid':11,17 'fail2ban':31 'guess':41 'help':23 'keep':2 'make':47 'measur':24 'mind':4 'new':60 'obscur':8 'port':61 'read':36 'secur':6,12 'sinc':33 'take':26 'work':57 'would':43"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ml/comment/5678562"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699630798 {#4568
    date: 2023-11-10 16:39:58.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4569
  +user: Proxies\__CG__\App\Entity\User {#1970 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4480
    +user: App\Entity\User {#4241 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: App\Entity\EntryComment {#4386
      +user: Proxies\__CG__\App\Entity\User {#1970 …}
      +entry: App\Entity\Entry {#2419}
      +magazine: App\Entity\Magazine {#265}
      +image: null
      +parent: App\Entity\EntryComment {#4301
        +user: App\Entity\User {#4314 …}
        +entry: App\Entity\Entry {#2419}
        +magazine: App\Entity\Magazine {#265}
        +image: null
        +parent: null
        +root: null
        +body: "That all sounds correct to me. The random port you’re seeing in the logs is a high port, often referred to as an ephemeral port, and it is common for source ports. All good there."
        +lang: "en"
        +isAdult: false
        +favouriteCount: 12
        +score: 0
        +lastActive: DateTime @1699731832 {#4296
          date: 2023-11-11 20:43:52.0 +01:00
        }
        +ip: null
        +tags: null
        +mentions: [
          "@cyberwolfie@lemmy.ml"
        ]
        +children: Doctrine\ORM\PersistentCollection {#4302 …}
        +nested: Doctrine\ORM\PersistentCollection {#4304 …}
        +votes: Doctrine\ORM\PersistentCollection {#4306 …}
        +reports: Doctrine\ORM\PersistentCollection {#4308 …}
        +favourites: Doctrine\ORM\PersistentCollection {#4310 …}
        +notifications: Doctrine\ORM\PersistentCollection {#4312 …}
        -id: 107858
        -bodyTs: "'common':30 'correct':4 'ephemer':25 'good':35 'high':18 'log':15 'often':20 'port':9,19,26,33 'random':8 're':11 'refer':21 'see':12 'sound':3 'sourc':32"
        +ranking: 0
        +commentCount: 0
        +upVotes: 0
        +downVotes: 0
        +visibility: "visible             "
        +apId: "https://infosec.pub/comment/4119380"
        +editedAt: null
        +createdAt: DateTimeImmutable @1699629642 {#4297
          date: 2023-11-10 16:20:42.0 +01:00
        }
      }
      +root: App\Entity\EntryComment {#4301}
      +body: """
        Ok, thanks - so if I understand correctly then, it is listening on port 22 as a default, and not accepting traffic on any port.\n
        \n
        That brings of the question: wouldn’t I be better off changing the SSH-port? And is that so easy as to uncomment the `#Port 22` line in the config file and changing the port number to something random, and saving that somewhere? Would I then be able to connect by running `ssh myuser@mydomain.com:`, or would I need to do anything else to successfully connect?
        """
      +lang: "en"
      +isAdult: false
      +favouriteCount: 2
      +score: 0
      +lastActive: DateTime @1699630006 {#4387
        date: 2023-11-10 16:26:46.0 +01:00
      }
      +ip: null
      +tags: [
        "port"
      ]
      +mentions: [
        "@cyberwolfie@lemmy.ml"
        "@starkzarn@infosec.pub"
      ]
      +children: Doctrine\ORM\PersistentCollection {#4382 …}
      +nested: Doctrine\ORM\PersistentCollection {#4377 …}
      +votes: Doctrine\ORM\PersistentCollection {#4381 …}
      +reports: Doctrine\ORM\PersistentCollection {#4391 …}
      +favourites: Doctrine\ORM\PersistentCollection {#4393 …}
      +notifications: Doctrine\ORM\PersistentCollection {#4395 …}
      -id: 107877
      -bodyTs: "'22':14,51 'abl':73 'accept':20 'anyth':86 'better':34 'bring':26 'chang':36,58 'config':55 'connect':75,90 'correct':7 'default':17 'easi':45 'els':87 'file':56 'line':52 'listen':11 'myuser@mydomain.com':79 'need':83 'number':61 'ok':1 'port':13,24,40,50,60 'question':29 'random':64 'run':77 'save':66 'someth':63 'somewher':68 'ssh':39,78 'ssh-port':38 'success':89 'thank':2 'traffic':21 'uncom':48 'understand':6 'would':69,81 'wouldn':30"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://lemmy.ml/comment/5678183"
      +editedAt: null
      +createdAt: DateTimeImmutable @1699630006 {#4390
        date: 2023-11-10 16:26:46.0 +01:00
      }
    }
    +root: App\Entity\EntryComment {#4301}
    +body: "You would need to specify the new port when using ssh (using the -p$PORT option). Just keep in mind that security through obscurity is not considered secure in itself. You could instead consider a service like fail2ban that automatically blocks connections from certain sources depending on your set parameters."
    +lang: "en"
    +isAdult: false
    +favouriteCount: 10
    +score: 0
    +lastActive: DateTime @1699630241 {#4479
      date: 2023-11-10 16:30:41.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
      "@starkzarn@infosec.pub"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4484 …}
    +nested: Doctrine\ORM\PersistentCollection {#4490 …}
    +votes: Doctrine\ORM\PersistentCollection {#4486 …}
    +reports: Doctrine\ORM\PersistentCollection {#4491 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4493 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4495 …}
    -id: 107899
    -bodyTs: "'automat':40 'block':41 'certain':44 'connect':42 'consid':27,34 'could':32 'depend':46 'fail2ban':38 'instead':33 'keep':18 'like':37 'mind':20 'need':3 'new':7 'obscur':24 'option':16 'p':14 'paramet':50 'port':8,15 'secur':22,28 'servic':36 'set':49 'sourc':45 'specifi':5 'ssh':11 'use':10,12 'would':2"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://feddit.de/comment/4689891"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699630241 {#4476
      date: 2023-11-10 16:30:41.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4301}
  +body: """
    > Just keep in mind that security through obscurity is not considered secure in itself.\n
    \n
    Do you consider it to not be a helpful measure to take at all?\n
    \n
    I have fail2ban configured - since it is reading from the auth.log, I guess I would not have to make any changes to the configuration there to have it work with a new port?
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 2
  +score: 0
  +lastActive: DateTime @1699630798 {#4567
    date: 2023-11-10 16:39:58.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@starkzarn@infosec.pub"
    "@siph@feddit.de"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4570 …}
  +nested: Doctrine\ORM\PersistentCollection {#4572 …}
  +votes: Doctrine\ORM\PersistentCollection {#4574 …}
  +reports: Doctrine\ORM\PersistentCollection {#4576 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4578 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4580 …}
  -id: 107935
  -bodyTs: "'auth.log':39 'chang':49 'configur':32,52 'consid':11,17 'fail2ban':31 'guess':41 'help':23 'keep':2 'make':47 'measur':24 'mind':4 'new':60 'obscur':8 'port':61 'read':36 'secur':6,12 'sinc':33 'take':26 'work':57 'would':43"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ml/comment/5678562"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699630798 {#4568
    date: 2023-11-10 16:39:58.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4569
  +user: Proxies\__CG__\App\Entity\User {#1970 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4480
    +user: App\Entity\User {#4241 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: App\Entity\EntryComment {#4386
      +user: Proxies\__CG__\App\Entity\User {#1970 …}
      +entry: App\Entity\Entry {#2419}
      +magazine: App\Entity\Magazine {#265}
      +image: null
      +parent: App\Entity\EntryComment {#4301
        +user: App\Entity\User {#4314 …}
        +entry: App\Entity\Entry {#2419}
        +magazine: App\Entity\Magazine {#265}
        +image: null
        +parent: null
        +root: null
        +body: "That all sounds correct to me. The random port you’re seeing in the logs is a high port, often referred to as an ephemeral port, and it is common for source ports. All good there."
        +lang: "en"
        +isAdult: false
        +favouriteCount: 12
        +score: 0
        +lastActive: DateTime @1699731832 {#4296
          date: 2023-11-11 20:43:52.0 +01:00
        }
        +ip: null
        +tags: null
        +mentions: [
          "@cyberwolfie@lemmy.ml"
        ]
        +children: Doctrine\ORM\PersistentCollection {#4302 …}
        +nested: Doctrine\ORM\PersistentCollection {#4304 …}
        +votes: Doctrine\ORM\PersistentCollection {#4306 …}
        +reports: Doctrine\ORM\PersistentCollection {#4308 …}
        +favourites: Doctrine\ORM\PersistentCollection {#4310 …}
        +notifications: Doctrine\ORM\PersistentCollection {#4312 …}
        -id: 107858
        -bodyTs: "'common':30 'correct':4 'ephemer':25 'good':35 'high':18 'log':15 'often':20 'port':9,19,26,33 'random':8 're':11 'refer':21 'see':12 'sound':3 'sourc':32"
        +ranking: 0
        +commentCount: 0
        +upVotes: 0
        +downVotes: 0
        +visibility: "visible             "
        +apId: "https://infosec.pub/comment/4119380"
        +editedAt: null
        +createdAt: DateTimeImmutable @1699629642 {#4297
          date: 2023-11-10 16:20:42.0 +01:00
        }
      }
      +root: App\Entity\EntryComment {#4301}
      +body: """
        Ok, thanks - so if I understand correctly then, it is listening on port 22 as a default, and not accepting traffic on any port.\n
        \n
        That brings of the question: wouldn’t I be better off changing the SSH-port? And is that so easy as to uncomment the `#Port 22` line in the config file and changing the port number to something random, and saving that somewhere? Would I then be able to connect by running `ssh myuser@mydomain.com:`, or would I need to do anything else to successfully connect?
        """
      +lang: "en"
      +isAdult: false
      +favouriteCount: 2
      +score: 0
      +lastActive: DateTime @1699630006 {#4387
        date: 2023-11-10 16:26:46.0 +01:00
      }
      +ip: null
      +tags: [
        "port"
      ]
      +mentions: [
        "@cyberwolfie@lemmy.ml"
        "@starkzarn@infosec.pub"
      ]
      +children: Doctrine\ORM\PersistentCollection {#4382 …}
      +nested: Doctrine\ORM\PersistentCollection {#4377 …}
      +votes: Doctrine\ORM\PersistentCollection {#4381 …}
      +reports: Doctrine\ORM\PersistentCollection {#4391 …}
      +favourites: Doctrine\ORM\PersistentCollection {#4393 …}
      +notifications: Doctrine\ORM\PersistentCollection {#4395 …}
      -id: 107877
      -bodyTs: "'22':14,51 'abl':73 'accept':20 'anyth':86 'better':34 'bring':26 'chang':36,58 'config':55 'connect':75,90 'correct':7 'default':17 'easi':45 'els':87 'file':56 'line':52 'listen':11 'myuser@mydomain.com':79 'need':83 'number':61 'ok':1 'port':13,24,40,50,60 'question':29 'random':64 'run':77 'save':66 'someth':63 'somewher':68 'ssh':39,78 'ssh-port':38 'success':89 'thank':2 'traffic':21 'uncom':48 'understand':6 'would':69,81 'wouldn':30"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://lemmy.ml/comment/5678183"
      +editedAt: null
      +createdAt: DateTimeImmutable @1699630006 {#4390
        date: 2023-11-10 16:26:46.0 +01:00
      }
    }
    +root: App\Entity\EntryComment {#4301}
    +body: "You would need to specify the new port when using ssh (using the -p$PORT option). Just keep in mind that security through obscurity is not considered secure in itself. You could instead consider a service like fail2ban that automatically blocks connections from certain sources depending on your set parameters."
    +lang: "en"
    +isAdult: false
    +favouriteCount: 10
    +score: 0
    +lastActive: DateTime @1699630241 {#4479
      date: 2023-11-10 16:30:41.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
      "@starkzarn@infosec.pub"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4484 …}
    +nested: Doctrine\ORM\PersistentCollection {#4490 …}
    +votes: Doctrine\ORM\PersistentCollection {#4486 …}
    +reports: Doctrine\ORM\PersistentCollection {#4491 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4493 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4495 …}
    -id: 107899
    -bodyTs: "'automat':40 'block':41 'certain':44 'connect':42 'consid':27,34 'could':32 'depend':46 'fail2ban':38 'instead':33 'keep':18 'like':37 'mind':20 'need':3 'new':7 'obscur':24 'option':16 'p':14 'paramet':50 'port':8,15 'secur':22,28 'servic':36 'set':49 'sourc':45 'specifi':5 'ssh':11 'use':10,12 'would':2"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://feddit.de/comment/4689891"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699630241 {#4476
      date: 2023-11-10 16:30:41.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4301}
  +body: """
    > Just keep in mind that security through obscurity is not considered secure in itself.\n
    \n
    Do you consider it to not be a helpful measure to take at all?\n
    \n
    I have fail2ban configured - since it is reading from the auth.log, I guess I would not have to make any changes to the configuration there to have it work with a new port?
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 2
  +score: 0
  +lastActive: DateTime @1699630798 {#4567
    date: 2023-11-10 16:39:58.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@starkzarn@infosec.pub"
    "@siph@feddit.de"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4570 …}
  +nested: Doctrine\ORM\PersistentCollection {#4572 …}
  +votes: Doctrine\ORM\PersistentCollection {#4574 …}
  +reports: Doctrine\ORM\PersistentCollection {#4576 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4578 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4580 …}
  -id: 107935
  -bodyTs: "'auth.log':39 'chang':49 'configur':32,52 'consid':11,17 'fail2ban':31 'guess':41 'help':23 'keep':2 'make':47 'measur':24 'mind':4 'new':60 'obscur':8 'port':61 'read':36 'secur':6,12 'sinc':33 'take':26 'work':57 'would':43"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ml/comment/5678562"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699630798 {#4568
    date: 2023-11-10 16:39:58.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
null
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4604
  +user: App\Entity\User {#4241 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4569
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: App\Entity\EntryComment {#4480
      +user: App\Entity\User {#4241 …}
      +entry: App\Entity\Entry {#2419}
      +magazine: App\Entity\Magazine {#265}
      +image: null
      +parent: App\Entity\EntryComment {#4386
        +user: Proxies\__CG__\App\Entity\User {#1970 …}
        +entry: App\Entity\Entry {#2419}
        +magazine: App\Entity\Magazine {#265}
        +image: null
        +parent: App\Entity\EntryComment {#4301
          +user: App\Entity\User {#4314 …}
          +entry: App\Entity\Entry {#2419}
          +magazine: App\Entity\Magazine {#265}
          +image: null
          +parent: null
          +root: null
          +body: "That all sounds correct to me. The random port you’re seeing in the logs is a high port, often referred to as an ephemeral port, and it is common for source ports. All good there."
          +lang: "en"
          +isAdult: false
          +favouriteCount: 12
          +score: 0
          +lastActive: DateTime @1699731832 {#4296
            date: 2023-11-11 20:43:52.0 +01:00
          }
          +ip: null
          +tags: null
          +mentions: [
            "@cyberwolfie@lemmy.ml"
          ]
          +children: Doctrine\ORM\PersistentCollection {#4302 …}
          +nested: Doctrine\ORM\PersistentCollection {#4304 …}
          +votes: Doctrine\ORM\PersistentCollection {#4306 …}
          +reports: Doctrine\ORM\PersistentCollection {#4308 …}
          +favourites: Doctrine\ORM\PersistentCollection {#4310 …}
          +notifications: Doctrine\ORM\PersistentCollection {#4312 …}
          -id: 107858
          -bodyTs: "'common':30 'correct':4 'ephemer':25 'good':35 'high':18 'log':15 'often':20 'port':9,19,26,33 'random':8 're':11 'refer':21 'see':12 'sound':3 'sourc':32"
          +ranking: 0
          +commentCount: 0
          +upVotes: 0
          +downVotes: 0
          +visibility: "visible             "
          +apId: "https://infosec.pub/comment/4119380"
          +editedAt: null
          +createdAt: DateTimeImmutable @1699629642 {#4297
            date: 2023-11-10 16:20:42.0 +01:00
          }
        }
        +root: App\Entity\EntryComment {#4301}
        +body: """
          Ok, thanks - so if I understand correctly then, it is listening on port 22 as a default, and not accepting traffic on any port.\n
          \n
          That brings of the question: wouldn’t I be better off changing the SSH-port? And is that so easy as to uncomment the `#Port 22` line in the config file and changing the port number to something random, and saving that somewhere? Would I then be able to connect by running `ssh myuser@mydomain.com:`, or would I need to do anything else to successfully connect?
          """
        +lang: "en"
        +isAdult: false
        +favouriteCount: 2
        +score: 0
        +lastActive: DateTime @1699630006 {#4387
          date: 2023-11-10 16:26:46.0 +01:00
        }
        +ip: null
        +tags: [
          "port"
        ]
        +mentions: [
          "@cyberwolfie@lemmy.ml"
          "@starkzarn@infosec.pub"
        ]
        +children: Doctrine\ORM\PersistentCollection {#4382 …}
        +nested: Doctrine\ORM\PersistentCollection {#4377 …}
        +votes: Doctrine\ORM\PersistentCollection {#4381 …}
        +reports: Doctrine\ORM\PersistentCollection {#4391 …}
        +favourites: Doctrine\ORM\PersistentCollection {#4393 …}
        +notifications: Doctrine\ORM\PersistentCollection {#4395 …}
        -id: 107877
        -bodyTs: "'22':14,51 'abl':73 'accept':20 'anyth':86 'better':34 'bring':26 'chang':36,58 'config':55 'connect':75,90 'correct':7 'default':17 'easi':45 'els':87 'file':56 'line':52 'listen':11 'myuser@mydomain.com':79 'need':83 'number':61 'ok':1 'port':13,24,40,50,60 'question':29 'random':64 'run':77 'save':66 'someth':63 'somewher':68 'ssh':39,78 'ssh-port':38 'success':89 'thank':2 'traffic':21 'uncom':48 'understand':6 'would':69,81 'wouldn':30"
        +ranking: 0
        +commentCount: 0
        +upVotes: 0
        +downVotes: 0
        +visibility: "visible             "
        +apId: "https://lemmy.ml/comment/5678183"
        +editedAt: null
        +createdAt: DateTimeImmutable @1699630006 {#4390
          date: 2023-11-10 16:26:46.0 +01:00
        }
      }
      +root: App\Entity\EntryComment {#4301}
      +body: "You would need to specify the new port when using ssh (using the -p$PORT option). Just keep in mind that security through obscurity is not considered secure in itself. You could instead consider a service like fail2ban that automatically blocks connections from certain sources depending on your set parameters."
      +lang: "en"
      +isAdult: false
      +favouriteCount: 10
      +score: 0
      +lastActive: DateTime @1699630241 {#4479
        date: 2023-11-10 16:30:41.0 +01:00
      }
      +ip: null
      +tags: null
      +mentions: [
        "@cyberwolfie@lemmy.ml"
        "@starkzarn@infosec.pub"
      ]
      +children: Doctrine\ORM\PersistentCollection {#4484 …}
      +nested: Doctrine\ORM\PersistentCollection {#4490 …}
      +votes: Doctrine\ORM\PersistentCollection {#4486 …}
      +reports: Doctrine\ORM\PersistentCollection {#4491 …}
      +favourites: Doctrine\ORM\PersistentCollection {#4493 …}
      +notifications: Doctrine\ORM\PersistentCollection {#4495 …}
      -id: 107899
      -bodyTs: "'automat':40 'block':41 'certain':44 'connect':42 'consid':27,34 'could':32 'depend':46 'fail2ban':38 'instead':33 'keep':18 'like':37 'mind':20 'need':3 'new':7 'obscur':24 'option':16 'p':14 'paramet':50 'port':8,15 'secur':22,28 'servic':36 'set':49 'sourc':45 'specifi':5 'ssh':11 'use':10,12 'would':2"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://feddit.de/comment/4689891"
      +editedAt: null
      +createdAt: DateTimeImmutable @1699630241 {#4476
        date: 2023-11-10 16:30:41.0 +01:00
      }
    }
    +root: App\Entity\EntryComment {#4301}
    +body: """
      > Just keep in mind that security through obscurity is not considered secure in itself.\n
      \n
      Do you consider it to not be a helpful measure to take at all?\n
      \n
      I have fail2ban configured - since it is reading from the auth.log, I guess I would not have to make any changes to the configuration there to have it work with a new port?
      """
    +lang: "en"
    +isAdult: false
    +favouriteCount: 2
    +score: 0
    +lastActive: DateTime @1699630798 {#4567
      date: 2023-11-10 16:39:58.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
      "@starkzarn@infosec.pub"
      "@siph@feddit.de"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4570 …}
    +nested: Doctrine\ORM\PersistentCollection {#4572 …}
    +votes: Doctrine\ORM\PersistentCollection {#4574 …}
    +reports: Doctrine\ORM\PersistentCollection {#4576 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4578 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4580 …}
    -id: 107935
    -bodyTs: "'auth.log':39 'chang':49 'configur':32,52 'consid':11,17 'fail2ban':31 'guess':41 'help':23 'keep':2 'make':47 'measur':24 'mind':4 'new':60 'obscur':8 'port':61 'read':36 'secur':6,12 'sinc':33 'take':26 'work':57 'would':43"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://lemmy.ml/comment/5678562"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699630798 {#4568
      date: 2023-11-10 16:39:58.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4301}
  +body: """
    It’s a mixed bag. Personally I wouldn’t use a non-standard port.\n
    \n
    Consider that port numbers under 1024 are [Privileged Ports](https://www.w3.org/Daemon/User/Installation/PrivilegedPorts.html). You would either have to make sure that no other privileged service is running on the port you want to use for SSH when using another privileged port or you need to make sure that no unprivileged program tries to use the same port as your SSH service when using a non-privileged. Overall it adds a bit of overhead and possible headaches for barely any gain.\n
    \n
    Fail2ban *should* work with a different port without any further configuration but it might not.
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 2
  +score: 0
  +lastActive: DateTime @1699631376 {#4608
    date: 2023-11-10 16:49:36.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@starkzarn@infosec.pub"
    "@siph@feddit.de"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4601 …}
  +nested: Doctrine\ORM\PersistentCollection {#4599 …}
  +votes: Doctrine\ORM\PersistentCollection {#4603 …}
  +reports: Doctrine\ORM\PersistentCollection {#4614 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4616 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4618 …}
  -id: 107970
  -bodyTs: "'/daemon/user/installation/privilegedports.html).':27 '1024':21 'add':84 'anoth':53 'bag':5 'bare':93 'bit':86 'configur':106 'consid':16 'differ':101 'either':30 'fail2ban':96 'gain':95 'headach':91 'make':33,60 'might':109 'mix':4 'need':58 'non':13,80 'non-privileg':79 'non-standard':12 'number':19 'overal':82 'overhead':88 'person':6 'port':15,18,24,44,55,71,102 'possibl':90 'privileg':23,38,54,81 'program':65 'run':41 'servic':39,75 'ssh':50,74 'standard':14 'sure':34,61 'tri':66 'unprivileg':64 'use':10,48,52,68,77 'want':46 'without':103 'work':98 'would':29 'wouldn':8 'www.w3.org':26 'www.w3.org/daemon/user/installation/privilegedports.html).':25"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://feddit.de/comment/4690495"
  +editedAt: DateTimeImmutable @1699708626 {#4611
    date: 2023-11-11 14:17:06.0 +01:00
  }
  +createdAt: DateTimeImmutable @1699631376 {#4607
    date: 2023-11-10 16:49:36.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4604
  +user: App\Entity\User {#4241 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4569
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: App\Entity\EntryComment {#4480
      +user: App\Entity\User {#4241 …}
      +entry: App\Entity\Entry {#2419}
      +magazine: App\Entity\Magazine {#265}
      +image: null
      +parent: App\Entity\EntryComment {#4386
        +user: Proxies\__CG__\App\Entity\User {#1970 …}
        +entry: App\Entity\Entry {#2419}
        +magazine: App\Entity\Magazine {#265}
        +image: null
        +parent: App\Entity\EntryComment {#4301
          +user: App\Entity\User {#4314 …}
          +entry: App\Entity\Entry {#2419}
          +magazine: App\Entity\Magazine {#265}
          +image: null
          +parent: null
          +root: null
          +body: "That all sounds correct to me. The random port you’re seeing in the logs is a high port, often referred to as an ephemeral port, and it is common for source ports. All good there."
          +lang: "en"
          +isAdult: false
          +favouriteCount: 12
          +score: 0
          +lastActive: DateTime @1699731832 {#4296
            date: 2023-11-11 20:43:52.0 +01:00
          }
          +ip: null
          +tags: null
          +mentions: [
            "@cyberwolfie@lemmy.ml"
          ]
          +children: Doctrine\ORM\PersistentCollection {#4302 …}
          +nested: Doctrine\ORM\PersistentCollection {#4304 …}
          +votes: Doctrine\ORM\PersistentCollection {#4306 …}
          +reports: Doctrine\ORM\PersistentCollection {#4308 …}
          +favourites: Doctrine\ORM\PersistentCollection {#4310 …}
          +notifications: Doctrine\ORM\PersistentCollection {#4312 …}
          -id: 107858
          -bodyTs: "'common':30 'correct':4 'ephemer':25 'good':35 'high':18 'log':15 'often':20 'port':9,19,26,33 'random':8 're':11 'refer':21 'see':12 'sound':3 'sourc':32"
          +ranking: 0
          +commentCount: 0
          +upVotes: 0
          +downVotes: 0
          +visibility: "visible             "
          +apId: "https://infosec.pub/comment/4119380"
          +editedAt: null
          +createdAt: DateTimeImmutable @1699629642 {#4297
            date: 2023-11-10 16:20:42.0 +01:00
          }
        }
        +root: App\Entity\EntryComment {#4301}
        +body: """
          Ok, thanks - so if I understand correctly then, it is listening on port 22 as a default, and not accepting traffic on any port.\n
          \n
          That brings of the question: wouldn’t I be better off changing the SSH-port? And is that so easy as to uncomment the `#Port 22` line in the config file and changing the port number to something random, and saving that somewhere? Would I then be able to connect by running `ssh myuser@mydomain.com:`, or would I need to do anything else to successfully connect?
          """
        +lang: "en"
        +isAdult: false
        +favouriteCount: 2
        +score: 0
        +lastActive: DateTime @1699630006 {#4387
          date: 2023-11-10 16:26:46.0 +01:00
        }
        +ip: null
        +tags: [
          "port"
        ]
        +mentions: [
          "@cyberwolfie@lemmy.ml"
          "@starkzarn@infosec.pub"
        ]
        +children: Doctrine\ORM\PersistentCollection {#4382 …}
        +nested: Doctrine\ORM\PersistentCollection {#4377 …}
        +votes: Doctrine\ORM\PersistentCollection {#4381 …}
        +reports: Doctrine\ORM\PersistentCollection {#4391 …}
        +favourites: Doctrine\ORM\PersistentCollection {#4393 …}
        +notifications: Doctrine\ORM\PersistentCollection {#4395 …}
        -id: 107877
        -bodyTs: "'22':14,51 'abl':73 'accept':20 'anyth':86 'better':34 'bring':26 'chang':36,58 'config':55 'connect':75,90 'correct':7 'default':17 'easi':45 'els':87 'file':56 'line':52 'listen':11 'myuser@mydomain.com':79 'need':83 'number':61 'ok':1 'port':13,24,40,50,60 'question':29 'random':64 'run':77 'save':66 'someth':63 'somewher':68 'ssh':39,78 'ssh-port':38 'success':89 'thank':2 'traffic':21 'uncom':48 'understand':6 'would':69,81 'wouldn':30"
        +ranking: 0
        +commentCount: 0
        +upVotes: 0
        +downVotes: 0
        +visibility: "visible             "
        +apId: "https://lemmy.ml/comment/5678183"
        +editedAt: null
        +createdAt: DateTimeImmutable @1699630006 {#4390
          date: 2023-11-10 16:26:46.0 +01:00
        }
      }
      +root: App\Entity\EntryComment {#4301}
      +body: "You would need to specify the new port when using ssh (using the -p$PORT option). Just keep in mind that security through obscurity is not considered secure in itself. You could instead consider a service like fail2ban that automatically blocks connections from certain sources depending on your set parameters."
      +lang: "en"
      +isAdult: false
      +favouriteCount: 10
      +score: 0
      +lastActive: DateTime @1699630241 {#4479
        date: 2023-11-10 16:30:41.0 +01:00
      }
      +ip: null
      +tags: null
      +mentions: [
        "@cyberwolfie@lemmy.ml"
        "@starkzarn@infosec.pub"
      ]
      +children: Doctrine\ORM\PersistentCollection {#4484 …}
      +nested: Doctrine\ORM\PersistentCollection {#4490 …}
      +votes: Doctrine\ORM\PersistentCollection {#4486 …}
      +reports: Doctrine\ORM\PersistentCollection {#4491 …}
      +favourites: Doctrine\ORM\PersistentCollection {#4493 …}
      +notifications: Doctrine\ORM\PersistentCollection {#4495 …}
      -id: 107899
      -bodyTs: "'automat':40 'block':41 'certain':44 'connect':42 'consid':27,34 'could':32 'depend':46 'fail2ban':38 'instead':33 'keep':18 'like':37 'mind':20 'need':3 'new':7 'obscur':24 'option':16 'p':14 'paramet':50 'port':8,15 'secur':22,28 'servic':36 'set':49 'sourc':45 'specifi':5 'ssh':11 'use':10,12 'would':2"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://feddit.de/comment/4689891"
      +editedAt: null
      +createdAt: DateTimeImmutable @1699630241 {#4476
        date: 2023-11-10 16:30:41.0 +01:00
      }
    }
    +root: App\Entity\EntryComment {#4301}
    +body: """
      > Just keep in mind that security through obscurity is not considered secure in itself.\n
      \n
      Do you consider it to not be a helpful measure to take at all?\n
      \n
      I have fail2ban configured - since it is reading from the auth.log, I guess I would not have to make any changes to the configuration there to have it work with a new port?
      """
    +lang: "en"
    +isAdult: false
    +favouriteCount: 2
    +score: 0
    +lastActive: DateTime @1699630798 {#4567
      date: 2023-11-10 16:39:58.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
      "@starkzarn@infosec.pub"
      "@siph@feddit.de"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4570 …}
    +nested: Doctrine\ORM\PersistentCollection {#4572 …}
    +votes: Doctrine\ORM\PersistentCollection {#4574 …}
    +reports: Doctrine\ORM\PersistentCollection {#4576 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4578 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4580 …}
    -id: 107935
    -bodyTs: "'auth.log':39 'chang':49 'configur':32,52 'consid':11,17 'fail2ban':31 'guess':41 'help':23 'keep':2 'make':47 'measur':24 'mind':4 'new':60 'obscur':8 'port':61 'read':36 'secur':6,12 'sinc':33 'take':26 'work':57 'would':43"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://lemmy.ml/comment/5678562"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699630798 {#4568
      date: 2023-11-10 16:39:58.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4301}
  +body: """
    It’s a mixed bag. Personally I wouldn’t use a non-standard port.\n
    \n
    Consider that port numbers under 1024 are [Privileged Ports](https://www.w3.org/Daemon/User/Installation/PrivilegedPorts.html). You would either have to make sure that no other privileged service is running on the port you want to use for SSH when using another privileged port or you need to make sure that no unprivileged program tries to use the same port as your SSH service when using a non-privileged. Overall it adds a bit of overhead and possible headaches for barely any gain.\n
    \n
    Fail2ban *should* work with a different port without any further configuration but it might not.
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 2
  +score: 0
  +lastActive: DateTime @1699631376 {#4608
    date: 2023-11-10 16:49:36.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@starkzarn@infosec.pub"
    "@siph@feddit.de"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4601 …}
  +nested: Doctrine\ORM\PersistentCollection {#4599 …}
  +votes: Doctrine\ORM\PersistentCollection {#4603 …}
  +reports: Doctrine\ORM\PersistentCollection {#4614 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4616 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4618 …}
  -id: 107970
  -bodyTs: "'/daemon/user/installation/privilegedports.html).':27 '1024':21 'add':84 'anoth':53 'bag':5 'bare':93 'bit':86 'configur':106 'consid':16 'differ':101 'either':30 'fail2ban':96 'gain':95 'headach':91 'make':33,60 'might':109 'mix':4 'need':58 'non':13,80 'non-privileg':79 'non-standard':12 'number':19 'overal':82 'overhead':88 'person':6 'port':15,18,24,44,55,71,102 'possibl':90 'privileg':23,38,54,81 'program':65 'run':41 'servic':39,75 'ssh':50,74 'standard':14 'sure':34,61 'tri':66 'unprivileg':64 'use':10,48,52,68,77 'want':46 'without':103 'work':98 'would':29 'wouldn':8 'www.w3.org':26 'www.w3.org/daemon/user/installation/privilegedports.html).':25"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://feddit.de/comment/4690495"
  +editedAt: DateTimeImmutable @1699708626 {#4611
    date: 2023-11-11 14:17:06.0 +01:00
  }
  +createdAt: DateTimeImmutable @1699631376 {#4607
    date: 2023-11-10 16:49:36.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4604
  +user: App\Entity\User {#4241 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4569
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: App\Entity\EntryComment {#4480
      +user: App\Entity\User {#4241 …}
      +entry: App\Entity\Entry {#2419}
      +magazine: App\Entity\Magazine {#265}
      +image: null
      +parent: App\Entity\EntryComment {#4386
        +user: Proxies\__CG__\App\Entity\User {#1970 …}
        +entry: App\Entity\Entry {#2419}
        +magazine: App\Entity\Magazine {#265}
        +image: null
        +parent: App\Entity\EntryComment {#4301
          +user: App\Entity\User {#4314 …}
          +entry: App\Entity\Entry {#2419}
          +magazine: App\Entity\Magazine {#265}
          +image: null
          +parent: null
          +root: null
          +body: "That all sounds correct to me. The random port you’re seeing in the logs is a high port, often referred to as an ephemeral port, and it is common for source ports. All good there."
          +lang: "en"
          +isAdult: false
          +favouriteCount: 12
          +score: 0
          +lastActive: DateTime @1699731832 {#4296
            date: 2023-11-11 20:43:52.0 +01:00
          }
          +ip: null
          +tags: null
          +mentions: [
            "@cyberwolfie@lemmy.ml"
          ]
          +children: Doctrine\ORM\PersistentCollection {#4302 …}
          +nested: Doctrine\ORM\PersistentCollection {#4304 …}
          +votes: Doctrine\ORM\PersistentCollection {#4306 …}
          +reports: Doctrine\ORM\PersistentCollection {#4308 …}
          +favourites: Doctrine\ORM\PersistentCollection {#4310 …}
          +notifications: Doctrine\ORM\PersistentCollection {#4312 …}
          -id: 107858
          -bodyTs: "'common':30 'correct':4 'ephemer':25 'good':35 'high':18 'log':15 'often':20 'port':9,19,26,33 'random':8 're':11 'refer':21 'see':12 'sound':3 'sourc':32"
          +ranking: 0
          +commentCount: 0
          +upVotes: 0
          +downVotes: 0
          +visibility: "visible             "
          +apId: "https://infosec.pub/comment/4119380"
          +editedAt: null
          +createdAt: DateTimeImmutable @1699629642 {#4297
            date: 2023-11-10 16:20:42.0 +01:00
          }
        }
        +root: App\Entity\EntryComment {#4301}
        +body: """
          Ok, thanks - so if I understand correctly then, it is listening on port 22 as a default, and not accepting traffic on any port.\n
          \n
          That brings of the question: wouldn’t I be better off changing the SSH-port? And is that so easy as to uncomment the `#Port 22` line in the config file and changing the port number to something random, and saving that somewhere? Would I then be able to connect by running `ssh myuser@mydomain.com:`, or would I need to do anything else to successfully connect?
          """
        +lang: "en"
        +isAdult: false
        +favouriteCount: 2
        +score: 0
        +lastActive: DateTime @1699630006 {#4387
          date: 2023-11-10 16:26:46.0 +01:00
        }
        +ip: null
        +tags: [
          "port"
        ]
        +mentions: [
          "@cyberwolfie@lemmy.ml"
          "@starkzarn@infosec.pub"
        ]
        +children: Doctrine\ORM\PersistentCollection {#4382 …}
        +nested: Doctrine\ORM\PersistentCollection {#4377 …}
        +votes: Doctrine\ORM\PersistentCollection {#4381 …}
        +reports: Doctrine\ORM\PersistentCollection {#4391 …}
        +favourites: Doctrine\ORM\PersistentCollection {#4393 …}
        +notifications: Doctrine\ORM\PersistentCollection {#4395 …}
        -id: 107877
        -bodyTs: "'22':14,51 'abl':73 'accept':20 'anyth':86 'better':34 'bring':26 'chang':36,58 'config':55 'connect':75,90 'correct':7 'default':17 'easi':45 'els':87 'file':56 'line':52 'listen':11 'myuser@mydomain.com':79 'need':83 'number':61 'ok':1 'port':13,24,40,50,60 'question':29 'random':64 'run':77 'save':66 'someth':63 'somewher':68 'ssh':39,78 'ssh-port':38 'success':89 'thank':2 'traffic':21 'uncom':48 'understand':6 'would':69,81 'wouldn':30"
        +ranking: 0
        +commentCount: 0
        +upVotes: 0
        +downVotes: 0
        +visibility: "visible             "
        +apId: "https://lemmy.ml/comment/5678183"
        +editedAt: null
        +createdAt: DateTimeImmutable @1699630006 {#4390
          date: 2023-11-10 16:26:46.0 +01:00
        }
      }
      +root: App\Entity\EntryComment {#4301}
      +body: "You would need to specify the new port when using ssh (using the -p$PORT option). Just keep in mind that security through obscurity is not considered secure in itself. You could instead consider a service like fail2ban that automatically blocks connections from certain sources depending on your set parameters."
      +lang: "en"
      +isAdult: false
      +favouriteCount: 10
      +score: 0
      +lastActive: DateTime @1699630241 {#4479
        date: 2023-11-10 16:30:41.0 +01:00
      }
      +ip: null
      +tags: null
      +mentions: [
        "@cyberwolfie@lemmy.ml"
        "@starkzarn@infosec.pub"
      ]
      +children: Doctrine\ORM\PersistentCollection {#4484 …}
      +nested: Doctrine\ORM\PersistentCollection {#4490 …}
      +votes: Doctrine\ORM\PersistentCollection {#4486 …}
      +reports: Doctrine\ORM\PersistentCollection {#4491 …}
      +favourites: Doctrine\ORM\PersistentCollection {#4493 …}
      +notifications: Doctrine\ORM\PersistentCollection {#4495 …}
      -id: 107899
      -bodyTs: "'automat':40 'block':41 'certain':44 'connect':42 'consid':27,34 'could':32 'depend':46 'fail2ban':38 'instead':33 'keep':18 'like':37 'mind':20 'need':3 'new':7 'obscur':24 'option':16 'p':14 'paramet':50 'port':8,15 'secur':22,28 'servic':36 'set':49 'sourc':45 'specifi':5 'ssh':11 'use':10,12 'would':2"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://feddit.de/comment/4689891"
      +editedAt: null
      +createdAt: DateTimeImmutable @1699630241 {#4476
        date: 2023-11-10 16:30:41.0 +01:00
      }
    }
    +root: App\Entity\EntryComment {#4301}
    +body: """
      > Just keep in mind that security through obscurity is not considered secure in itself.\n
      \n
      Do you consider it to not be a helpful measure to take at all?\n
      \n
      I have fail2ban configured - since it is reading from the auth.log, I guess I would not have to make any changes to the configuration there to have it work with a new port?
      """
    +lang: "en"
    +isAdult: false
    +favouriteCount: 2
    +score: 0
    +lastActive: DateTime @1699630798 {#4567
      date: 2023-11-10 16:39:58.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
      "@starkzarn@infosec.pub"
      "@siph@feddit.de"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4570 …}
    +nested: Doctrine\ORM\PersistentCollection {#4572 …}
    +votes: Doctrine\ORM\PersistentCollection {#4574 …}
    +reports: Doctrine\ORM\PersistentCollection {#4576 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4578 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4580 …}
    -id: 107935
    -bodyTs: "'auth.log':39 'chang':49 'configur':32,52 'consid':11,17 'fail2ban':31 'guess':41 'help':23 'keep':2 'make':47 'measur':24 'mind':4 'new':60 'obscur':8 'port':61 'read':36 'secur':6,12 'sinc':33 'take':26 'work':57 'would':43"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://lemmy.ml/comment/5678562"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699630798 {#4568
      date: 2023-11-10 16:39:58.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4301}
  +body: """
    It’s a mixed bag. Personally I wouldn’t use a non-standard port.\n
    \n
    Consider that port numbers under 1024 are [Privileged Ports](https://www.w3.org/Daemon/User/Installation/PrivilegedPorts.html). You would either have to make sure that no other privileged service is running on the port you want to use for SSH when using another privileged port or you need to make sure that no unprivileged program tries to use the same port as your SSH service when using a non-privileged. Overall it adds a bit of overhead and possible headaches for barely any gain.\n
    \n
    Fail2ban *should* work with a different port without any further configuration but it might not.
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 2
  +score: 0
  +lastActive: DateTime @1699631376 {#4608
    date: 2023-11-10 16:49:36.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@starkzarn@infosec.pub"
    "@siph@feddit.de"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4601 …}
  +nested: Doctrine\ORM\PersistentCollection {#4599 …}
  +votes: Doctrine\ORM\PersistentCollection {#4603 …}
  +reports: Doctrine\ORM\PersistentCollection {#4614 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4616 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4618 …}
  -id: 107970
  -bodyTs: "'/daemon/user/installation/privilegedports.html).':27 '1024':21 'add':84 'anoth':53 'bag':5 'bare':93 'bit':86 'configur':106 'consid':16 'differ':101 'either':30 'fail2ban':96 'gain':95 'headach':91 'make':33,60 'might':109 'mix':4 'need':58 'non':13,80 'non-privileg':79 'non-standard':12 'number':19 'overal':82 'overhead':88 'person':6 'port':15,18,24,44,55,71,102 'possibl':90 'privileg':23,38,54,81 'program':65 'run':41 'servic':39,75 'ssh':50,74 'standard':14 'sure':34,61 'tri':66 'unprivileg':64 'use':10,48,52,68,77 'want':46 'without':103 'work':98 'would':29 'wouldn':8 'www.w3.org':26 'www.w3.org/daemon/user/installation/privilegedports.html).':25"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://feddit.de/comment/4690495"
  +editedAt: DateTimeImmutable @1699708626 {#4611
    date: 2023-11-11 14:17:06.0 +01:00
  }
  +createdAt: DateTimeImmutable @1699631376 {#4607
    date: 2023-11-10 16:49:36.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
null
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4635
  +user: Proxies\__CG__\App\Entity\User {#1970 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4604
    +user: App\Entity\User {#4241 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: App\Entity\EntryComment {#4569
      +user: Proxies\__CG__\App\Entity\User {#1970 …}
      +entry: App\Entity\Entry {#2419}
      +magazine: App\Entity\Magazine {#265}
      +image: null
      +parent: App\Entity\EntryComment {#4480
        +user: App\Entity\User {#4241 …}
        +entry: App\Entity\Entry {#2419}
        +magazine: App\Entity\Magazine {#265}
        +image: null
        +parent: App\Entity\EntryComment {#4386
          +user: Proxies\__CG__\App\Entity\User {#1970 …}
          +entry: App\Entity\Entry {#2419}
          +magazine: App\Entity\Magazine {#265}
          +image: null
          +parent: App\Entity\EntryComment {#4301
            +user: App\Entity\User {#4314 …}
            +entry: App\Entity\Entry {#2419}
            +magazine: App\Entity\Magazine {#265}
            +image: null
            +parent: null
            +root: null
            +body: "That all sounds correct to me. The random port you’re seeing in the logs is a high port, often referred to as an ephemeral port, and it is common for source ports. All good there."
            +lang: "en"
            +isAdult: false
            +favouriteCount: 12
            +score: 0
            +lastActive: DateTime @1699731832 {#4296
              date: 2023-11-11 20:43:52.0 +01:00
            }
            +ip: null
            +tags: null
            +mentions: [
              "@cyberwolfie@lemmy.ml"
            ]
            +children: Doctrine\ORM\PersistentCollection {#4302 …}
            +nested: Doctrine\ORM\PersistentCollection {#4304 …}
            +votes: Doctrine\ORM\PersistentCollection {#4306 …}
            +reports: Doctrine\ORM\PersistentCollection {#4308 …}
            +favourites: Doctrine\ORM\PersistentCollection {#4310 …}
            +notifications: Doctrine\ORM\PersistentCollection {#4312 …}
            -id: 107858
            -bodyTs: "'common':30 'correct':4 'ephemer':25 'good':35 'high':18 'log':15 'often':20 'port':9,19,26,33 'random':8 're':11 'refer':21 'see':12 'sound':3 'sourc':32"
            +ranking: 0
            +commentCount: 0
            +upVotes: 0
            +downVotes: 0
            +visibility: "visible             "
            +apId: "https://infosec.pub/comment/4119380"
            +editedAt: null
            +createdAt: DateTimeImmutable @1699629642 {#4297
              date: 2023-11-10 16:20:42.0 +01:00
            }
          }
          +root: App\Entity\EntryComment {#4301}
          +body: """
            Ok, thanks - so if I understand correctly then, it is listening on port 22 as a default, and not accepting traffic on any port.\n
            \n
            That brings of the question: wouldn’t I be better off changing the SSH-port? And is that so easy as to uncomment the `#Port 22` line in the config file and changing the port number to something random, and saving that somewhere? Would I then be able to connect by running `ssh myuser@mydomain.com:`, or would I need to do anything else to successfully connect?
            """
          +lang: "en"
          +isAdult: false
          +favouriteCount: 2
          +score: 0
          +lastActive: DateTime @1699630006 {#4387
            date: 2023-11-10 16:26:46.0 +01:00
          }
          +ip: null
          +tags: [
            "port"
          ]
          +mentions: [
            "@cyberwolfie@lemmy.ml"
            "@starkzarn@infosec.pub"
          ]
          +children: Doctrine\ORM\PersistentCollection {#4382 …}
          +nested: Doctrine\ORM\PersistentCollection {#4377 …}
          +votes: Doctrine\ORM\PersistentCollection {#4381 …}
          +reports: Doctrine\ORM\PersistentCollection {#4391 …}
          +favourites: Doctrine\ORM\PersistentCollection {#4393 …}
          +notifications: Doctrine\ORM\PersistentCollection {#4395 …}
          -id: 107877
          -bodyTs: "'22':14,51 'abl':73 'accept':20 'anyth':86 'better':34 'bring':26 'chang':36,58 'config':55 'connect':75,90 'correct':7 'default':17 'easi':45 'els':87 'file':56 'line':52 'listen':11 'myuser@mydomain.com':79 'need':83 'number':61 'ok':1 'port':13,24,40,50,60 'question':29 'random':64 'run':77 'save':66 'someth':63 'somewher':68 'ssh':39,78 'ssh-port':38 'success':89 'thank':2 'traffic':21 'uncom':48 'understand':6 'would':69,81 'wouldn':30"
          +ranking: 0
          +commentCount: 0
          +upVotes: 0
          +downVotes: 0
          +visibility: "visible             "
          +apId: "https://lemmy.ml/comment/5678183"
          +editedAt: null
          +createdAt: DateTimeImmutable @1699630006 {#4390
            date: 2023-11-10 16:26:46.0 +01:00
          }
        }
        +root: App\Entity\EntryComment {#4301}
        +body: "You would need to specify the new port when using ssh (using the -p$PORT option). Just keep in mind that security through obscurity is not considered secure in itself. You could instead consider a service like fail2ban that automatically blocks connections from certain sources depending on your set parameters."
        +lang: "en"
        +isAdult: false
        +favouriteCount: 10
        +score: 0
        +lastActive: DateTime @1699630241 {#4479
          date: 2023-11-10 16:30:41.0 +01:00
        }
        +ip: null
        +tags: null
        +mentions: [
          "@cyberwolfie@lemmy.ml"
          "@starkzarn@infosec.pub"
        ]
        +children: Doctrine\ORM\PersistentCollection {#4484 …}
        +nested: Doctrine\ORM\PersistentCollection {#4490 …}
        +votes: Doctrine\ORM\PersistentCollection {#4486 …}
        +reports: Doctrine\ORM\PersistentCollection {#4491 …}
        +favourites: Doctrine\ORM\PersistentCollection {#4493 …}
        +notifications: Doctrine\ORM\PersistentCollection {#4495 …}
        -id: 107899
        -bodyTs: "'automat':40 'block':41 'certain':44 'connect':42 'consid':27,34 'could':32 'depend':46 'fail2ban':38 'instead':33 'keep':18 'like':37 'mind':20 'need':3 'new':7 'obscur':24 'option':16 'p':14 'paramet':50 'port':8,15 'secur':22,28 'servic':36 'set':49 'sourc':45 'specifi':5 'ssh':11 'use':10,12 'would':2"
        +ranking: 0
        +commentCount: 0
        +upVotes: 0
        +downVotes: 0
        +visibility: "visible             "
        +apId: "https://feddit.de/comment/4689891"
        +editedAt: null
        +createdAt: DateTimeImmutable @1699630241 {#4476
          date: 2023-11-10 16:30:41.0 +01:00
        }
      }
      +root: App\Entity\EntryComment {#4301}
      +body: """
        > Just keep in mind that security through obscurity is not considered secure in itself.\n
        \n
        Do you consider it to not be a helpful measure to take at all?\n
        \n
        I have fail2ban configured - since it is reading from the auth.log, I guess I would not have to make any changes to the configuration there to have it work with a new port?
        """
      +lang: "en"
      +isAdult: false
      +favouriteCount: 2
      +score: 0
      +lastActive: DateTime @1699630798 {#4567
        date: 2023-11-10 16:39:58.0 +01:00
      }
      +ip: null
      +tags: null
      +mentions: [
        "@cyberwolfie@lemmy.ml"
        "@starkzarn@infosec.pub"
        "@siph@feddit.de"
      ]
      +children: Doctrine\ORM\PersistentCollection {#4570 …}
      +nested: Doctrine\ORM\PersistentCollection {#4572 …}
      +votes: Doctrine\ORM\PersistentCollection {#4574 …}
      +reports: Doctrine\ORM\PersistentCollection {#4576 …}
      +favourites: Doctrine\ORM\PersistentCollection {#4578 …}
      +notifications: Doctrine\ORM\PersistentCollection {#4580 …}
      -id: 107935
      -bodyTs: "'auth.log':39 'chang':49 'configur':32,52 'consid':11,17 'fail2ban':31 'guess':41 'help':23 'keep':2 'make':47 'measur':24 'mind':4 'new':60 'obscur':8 'port':61 'read':36 'secur':6,12 'sinc':33 'take':26 'work':57 'would':43"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://lemmy.ml/comment/5678562"
      +editedAt: null
      +createdAt: DateTimeImmutable @1699630798 {#4568
        date: 2023-11-10 16:39:58.0 +01:00
      }
    }
    +root: App\Entity\EntryComment {#4301}
    +body: """
      It’s a mixed bag. Personally I wouldn’t use a non-standard port.\n
      \n
      Consider that port numbers under 1024 are [Privileged Ports](https://www.w3.org/Daemon/User/Installation/PrivilegedPorts.html). You would either have to make sure that no other privileged service is running on the port you want to use for SSH when using another privileged port or you need to make sure that no unprivileged program tries to use the same port as your SSH service when using a non-privileged. Overall it adds a bit of overhead and possible headaches for barely any gain.\n
      \n
      Fail2ban *should* work with a different port without any further configuration but it might not.
      """
    +lang: "en"
    +isAdult: false
    +favouriteCount: 2
    +score: 0
    +lastActive: DateTime @1699631376 {#4608
      date: 2023-11-10 16:49:36.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
      "@starkzarn@infosec.pub"
      "@siph@feddit.de"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4601 …}
    +nested: Doctrine\ORM\PersistentCollection {#4599 …}
    +votes: Doctrine\ORM\PersistentCollection {#4603 …}
    +reports: Doctrine\ORM\PersistentCollection {#4614 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4616 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4618 …}
    -id: 107970
    -bodyTs: "'/daemon/user/installation/privilegedports.html).':27 '1024':21 'add':84 'anoth':53 'bag':5 'bare':93 'bit':86 'configur':106 'consid':16 'differ':101 'either':30 'fail2ban':96 'gain':95 'headach':91 'make':33,60 'might':109 'mix':4 'need':58 'non':13,80 'non-privileg':79 'non-standard':12 'number':19 'overal':82 'overhead':88 'person':6 'port':15,18,24,44,55,71,102 'possibl':90 'privileg':23,38,54,81 'program':65 'run':41 'servic':39,75 'ssh':50,74 'standard':14 'sure':34,61 'tri':66 'unprivileg':64 'use':10,48,52,68,77 'want':46 'without':103 'work':98 'would':29 'wouldn':8 'www.w3.org':26 'www.w3.org/daemon/user/installation/privilegedports.html).':25"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://feddit.de/comment/4690495"
    +editedAt: DateTimeImmutable @1699708626 {#4611
      date: 2023-11-11 14:17:06.0 +01:00
    }
    +createdAt: DateTimeImmutable @1699631376 {#4607
      date: 2023-11-10 16:49:36.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4301}
  +body: "Alright, cheers - I’ll leave it be as well then :)"
  +lang: "en"
  +isAdult: false
  +favouriteCount: 2
  +score: 0
  +lastActive: DateTime @1699631690 {#4630
    date: 2023-11-10 16:54:50.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@starkzarn@infosec.pub"
    "@siph@feddit.de"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4627 …}
  +nested: Doctrine\ORM\PersistentCollection {#4624 …}
  +votes: Doctrine\ORM\PersistentCollection {#4622 …}
  +reports: Doctrine\ORM\PersistentCollection {#4636 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4638 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4640 …}
  -id: 107991
  -bodyTs: "'alright':1 'cheer':2 'leav':5 'll':4 'well':9"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ml/comment/5678996"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699631690 {#4633
    date: 2023-11-10 16:54:50.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4635
  +user: Proxies\__CG__\App\Entity\User {#1970 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4604
    +user: App\Entity\User {#4241 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: App\Entity\EntryComment {#4569
      +user: Proxies\__CG__\App\Entity\User {#1970 …}
      +entry: App\Entity\Entry {#2419}
      +magazine: App\Entity\Magazine {#265}
      +image: null
      +parent: App\Entity\EntryComment {#4480
        +user: App\Entity\User {#4241 …}
        +entry: App\Entity\Entry {#2419}
        +magazine: App\Entity\Magazine {#265}
        +image: null
        +parent: App\Entity\EntryComment {#4386
          +user: Proxies\__CG__\App\Entity\User {#1970 …}
          +entry: App\Entity\Entry {#2419}
          +magazine: App\Entity\Magazine {#265}
          +image: null
          +parent: App\Entity\EntryComment {#4301
            +user: App\Entity\User {#4314 …}
            +entry: App\Entity\Entry {#2419}
            +magazine: App\Entity\Magazine {#265}
            +image: null
            +parent: null
            +root: null
            +body: "That all sounds correct to me. The random port you’re seeing in the logs is a high port, often referred to as an ephemeral port, and it is common for source ports. All good there."
            +lang: "en"
            +isAdult: false
            +favouriteCount: 12
            +score: 0
            +lastActive: DateTime @1699731832 {#4296
              date: 2023-11-11 20:43:52.0 +01:00
            }
            +ip: null
            +tags: null
            +mentions: [
              "@cyberwolfie@lemmy.ml"
            ]
            +children: Doctrine\ORM\PersistentCollection {#4302 …}
            +nested: Doctrine\ORM\PersistentCollection {#4304 …}
            +votes: Doctrine\ORM\PersistentCollection {#4306 …}
            +reports: Doctrine\ORM\PersistentCollection {#4308 …}
            +favourites: Doctrine\ORM\PersistentCollection {#4310 …}
            +notifications: Doctrine\ORM\PersistentCollection {#4312 …}
            -id: 107858
            -bodyTs: "'common':30 'correct':4 'ephemer':25 'good':35 'high':18 'log':15 'often':20 'port':9,19,26,33 'random':8 're':11 'refer':21 'see':12 'sound':3 'sourc':32"
            +ranking: 0
            +commentCount: 0
            +upVotes: 0
            +downVotes: 0
            +visibility: "visible             "
            +apId: "https://infosec.pub/comment/4119380"
            +editedAt: null
            +createdAt: DateTimeImmutable @1699629642 {#4297
              date: 2023-11-10 16:20:42.0 +01:00
            }
          }
          +root: App\Entity\EntryComment {#4301}
          +body: """
            Ok, thanks - so if I understand correctly then, it is listening on port 22 as a default, and not accepting traffic on any port.\n
            \n
            That brings of the question: wouldn’t I be better off changing the SSH-port? And is that so easy as to uncomment the `#Port 22` line in the config file and changing the port number to something random, and saving that somewhere? Would I then be able to connect by running `ssh myuser@mydomain.com:`, or would I need to do anything else to successfully connect?
            """
          +lang: "en"
          +isAdult: false
          +favouriteCount: 2
          +score: 0
          +lastActive: DateTime @1699630006 {#4387
            date: 2023-11-10 16:26:46.0 +01:00
          }
          +ip: null
          +tags: [
            "port"
          ]
          +mentions: [
            "@cyberwolfie@lemmy.ml"
            "@starkzarn@infosec.pub"
          ]
          +children: Doctrine\ORM\PersistentCollection {#4382 …}
          +nested: Doctrine\ORM\PersistentCollection {#4377 …}
          +votes: Doctrine\ORM\PersistentCollection {#4381 …}
          +reports: Doctrine\ORM\PersistentCollection {#4391 …}
          +favourites: Doctrine\ORM\PersistentCollection {#4393 …}
          +notifications: Doctrine\ORM\PersistentCollection {#4395 …}
          -id: 107877
          -bodyTs: "'22':14,51 'abl':73 'accept':20 'anyth':86 'better':34 'bring':26 'chang':36,58 'config':55 'connect':75,90 'correct':7 'default':17 'easi':45 'els':87 'file':56 'line':52 'listen':11 'myuser@mydomain.com':79 'need':83 'number':61 'ok':1 'port':13,24,40,50,60 'question':29 'random':64 'run':77 'save':66 'someth':63 'somewher':68 'ssh':39,78 'ssh-port':38 'success':89 'thank':2 'traffic':21 'uncom':48 'understand':6 'would':69,81 'wouldn':30"
          +ranking: 0
          +commentCount: 0
          +upVotes: 0
          +downVotes: 0
          +visibility: "visible             "
          +apId: "https://lemmy.ml/comment/5678183"
          +editedAt: null
          +createdAt: DateTimeImmutable @1699630006 {#4390
            date: 2023-11-10 16:26:46.0 +01:00
          }
        }
        +root: App\Entity\EntryComment {#4301}
        +body: "You would need to specify the new port when using ssh (using the -p$PORT option). Just keep in mind that security through obscurity is not considered secure in itself. You could instead consider a service like fail2ban that automatically blocks connections from certain sources depending on your set parameters."
        +lang: "en"
        +isAdult: false
        +favouriteCount: 10
        +score: 0
        +lastActive: DateTime @1699630241 {#4479
          date: 2023-11-10 16:30:41.0 +01:00
        }
        +ip: null
        +tags: null
        +mentions: [
          "@cyberwolfie@lemmy.ml"
          "@starkzarn@infosec.pub"
        ]
        +children: Doctrine\ORM\PersistentCollection {#4484 …}
        +nested: Doctrine\ORM\PersistentCollection {#4490 …}
        +votes: Doctrine\ORM\PersistentCollection {#4486 …}
        +reports: Doctrine\ORM\PersistentCollection {#4491 …}
        +favourites: Doctrine\ORM\PersistentCollection {#4493 …}
        +notifications: Doctrine\ORM\PersistentCollection {#4495 …}
        -id: 107899
        -bodyTs: "'automat':40 'block':41 'certain':44 'connect':42 'consid':27,34 'could':32 'depend':46 'fail2ban':38 'instead':33 'keep':18 'like':37 'mind':20 'need':3 'new':7 'obscur':24 'option':16 'p':14 'paramet':50 'port':8,15 'secur':22,28 'servic':36 'set':49 'sourc':45 'specifi':5 'ssh':11 'use':10,12 'would':2"
        +ranking: 0
        +commentCount: 0
        +upVotes: 0
        +downVotes: 0
        +visibility: "visible             "
        +apId: "https://feddit.de/comment/4689891"
        +editedAt: null
        +createdAt: DateTimeImmutable @1699630241 {#4476
          date: 2023-11-10 16:30:41.0 +01:00
        }
      }
      +root: App\Entity\EntryComment {#4301}
      +body: """
        > Just keep in mind that security through obscurity is not considered secure in itself.\n
        \n
        Do you consider it to not be a helpful measure to take at all?\n
        \n
        I have fail2ban configured - since it is reading from the auth.log, I guess I would not have to make any changes to the configuration there to have it work with a new port?
        """
      +lang: "en"
      +isAdult: false
      +favouriteCount: 2
      +score: 0
      +lastActive: DateTime @1699630798 {#4567
        date: 2023-11-10 16:39:58.0 +01:00
      }
      +ip: null
      +tags: null
      +mentions: [
        "@cyberwolfie@lemmy.ml"
        "@starkzarn@infosec.pub"
        "@siph@feddit.de"
      ]
      +children: Doctrine\ORM\PersistentCollection {#4570 …}
      +nested: Doctrine\ORM\PersistentCollection {#4572 …}
      +votes: Doctrine\ORM\PersistentCollection {#4574 …}
      +reports: Doctrine\ORM\PersistentCollection {#4576 …}
      +favourites: Doctrine\ORM\PersistentCollection {#4578 …}
      +notifications: Doctrine\ORM\PersistentCollection {#4580 …}
      -id: 107935
      -bodyTs: "'auth.log':39 'chang':49 'configur':32,52 'consid':11,17 'fail2ban':31 'guess':41 'help':23 'keep':2 'make':47 'measur':24 'mind':4 'new':60 'obscur':8 'port':61 'read':36 'secur':6,12 'sinc':33 'take':26 'work':57 'would':43"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://lemmy.ml/comment/5678562"
      +editedAt: null
      +createdAt: DateTimeImmutable @1699630798 {#4568
        date: 2023-11-10 16:39:58.0 +01:00
      }
    }
    +root: App\Entity\EntryComment {#4301}
    +body: """
      It’s a mixed bag. Personally I wouldn’t use a non-standard port.\n
      \n
      Consider that port numbers under 1024 are [Privileged Ports](https://www.w3.org/Daemon/User/Installation/PrivilegedPorts.html). You would either have to make sure that no other privileged service is running on the port you want to use for SSH when using another privileged port or you need to make sure that no unprivileged program tries to use the same port as your SSH service when using a non-privileged. Overall it adds a bit of overhead and possible headaches for barely any gain.\n
      \n
      Fail2ban *should* work with a different port without any further configuration but it might not.
      """
    +lang: "en"
    +isAdult: false
    +favouriteCount: 2
    +score: 0
    +lastActive: DateTime @1699631376 {#4608
      date: 2023-11-10 16:49:36.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
      "@starkzarn@infosec.pub"
      "@siph@feddit.de"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4601 …}
    +nested: Doctrine\ORM\PersistentCollection {#4599 …}
    +votes: Doctrine\ORM\PersistentCollection {#4603 …}
    +reports: Doctrine\ORM\PersistentCollection {#4614 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4616 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4618 …}
    -id: 107970
    -bodyTs: "'/daemon/user/installation/privilegedports.html).':27 '1024':21 'add':84 'anoth':53 'bag':5 'bare':93 'bit':86 'configur':106 'consid':16 'differ':101 'either':30 'fail2ban':96 'gain':95 'headach':91 'make':33,60 'might':109 'mix':4 'need':58 'non':13,80 'non-privileg':79 'non-standard':12 'number':19 'overal':82 'overhead':88 'person':6 'port':15,18,24,44,55,71,102 'possibl':90 'privileg':23,38,54,81 'program':65 'run':41 'servic':39,75 'ssh':50,74 'standard':14 'sure':34,61 'tri':66 'unprivileg':64 'use':10,48,52,68,77 'want':46 'without':103 'work':98 'would':29 'wouldn':8 'www.w3.org':26 'www.w3.org/daemon/user/installation/privilegedports.html).':25"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://feddit.de/comment/4690495"
    +editedAt: DateTimeImmutable @1699708626 {#4611
      date: 2023-11-11 14:17:06.0 +01:00
    }
    +createdAt: DateTimeImmutable @1699631376 {#4607
      date: 2023-11-10 16:49:36.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4301}
  +body: "Alright, cheers - I’ll leave it be as well then :)"
  +lang: "en"
  +isAdult: false
  +favouriteCount: 2
  +score: 0
  +lastActive: DateTime @1699631690 {#4630
    date: 2023-11-10 16:54:50.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@starkzarn@infosec.pub"
    "@siph@feddit.de"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4627 …}
  +nested: Doctrine\ORM\PersistentCollection {#4624 …}
  +votes: Doctrine\ORM\PersistentCollection {#4622 …}
  +reports: Doctrine\ORM\PersistentCollection {#4636 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4638 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4640 …}
  -id: 107991
  -bodyTs: "'alright':1 'cheer':2 'leav':5 'll':4 'well':9"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ml/comment/5678996"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699631690 {#4633
    date: 2023-11-10 16:54:50.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\EntryComment {#4635
  +user: Proxies\__CG__\App\Entity\User {#1970 …}
  +entry: App\Entity\Entry {#2419
    +user: Proxies\__CG__\App\Entity\User {#1970 …}
    +magazine: App\Entity\Magazine {#265
      +icon: Proxies\__CG__\App\Entity\Image {#246 …}
      +name: "linux@lemmy.ml"
      +title: "linux"
      +description: """
        From Wikipedia, the free encyclopedia\n
        \n
        Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
        \n
        Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
        \n
        ### Rules\n
        \n
        - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
        - No misinformation\n
        - No NSFW content\n
        - No hate speech, bigotry, etc\n
        \n
        ### Related Communities\n
        \n
        - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
        - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
        - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
        - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
        \n
        Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
        """
      +rules: null
      +subscriptionsCount: 1
      +entryCount: 1406
      +entryCommentCount: 28632
      +postCount: 6
      +postCommentCount: 214
      +isAdult: false
      +customCss: null
      +lastActive: DateTime @1729583542 {#275
        date: 2024-10-22 09:52:22.0 +02:00
      }
      +markedForDeletionAt: null
      +tags: null
      +moderators: Doctrine\ORM\PersistentCollection {#237 …}
      +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
      +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
      +entries: Doctrine\ORM\PersistentCollection {#180 …}
      +posts: Doctrine\ORM\PersistentCollection {#138 …}
      +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
      +bans: Doctrine\ORM\PersistentCollection {#117 …}
      +reports: Doctrine\ORM\PersistentCollection {#103 …}
      +badges: Doctrine\ORM\PersistentCollection {#81 …}
      +logs: Doctrine\ORM\PersistentCollection {#71 …}
      +awards: Doctrine\ORM\PersistentCollection {#1346 …}
      +categories: Doctrine\ORM\PersistentCollection {#1823 …}
      -id: 73
      +apId: "linux@lemmy.ml"
      +apProfileId: "https://lemmy.ml/c/linux"
      +apPublicUrl: "https://lemmy.ml/c/linux"
      +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
      +apInboxUrl: "https://lemmy.ml/inbox"
      +apDomain: "lemmy.ml"
      +apPreferredUsername: "linux"
      +apDiscoverable: true
      +apManuallyApprovesFollowers: null
      +privateKey: null
      +publicKey: null
      +apFetchedAt: DateTime @1729583596 {#269
        date: 2024-10-22 09:53:16.0 +02:00
      }
      +apDeletedAt: null
      +apTimeoutAt: null
      +visibility: "visible             "
      +createdAt: DateTimeImmutable @1698929468 {#271
        date: 2023-11-02 13:51:08.0 +01:00
      }
    }
    +image: null
    +domain: Proxies\__CG__\App\Entity\Domain {#1915 …}
    +slug: "Have-I-successfully-blocked-ssh-logins-to-root"
    +title: "Have I successfully blocked ssh logins to root?"
    +url: null
    +body: """
      I have a server where I believe I have disabled root login via ssh. I think it is done correctly, as I cannot login with root myself via ssh, but I would’ve thought that it would be reflected in `/var/log/auth.log`. Instead, it shows up as failed password entry. Is this intended?\n
      \n
      What I’ve done is to uncomment the `PermitRootLogin no` line in `/etc/ssh/sshd_config`. Rest of the config file is left at default.\n
      \n
      Bonus question: All login attempts by ssh seems to go over some random port (even my own successful logins). Why is this?
      """
    +type: "article"
    +lang: "en"
    +isOc: false
    +hasEmbed: false
    +commentCount: 20
    +favouriteCount: 36
    +score: 0
    +isAdult: false
    +sticky: false
    +lastActive: DateTime @1699784052 {#2414
      date: 2023-11-12 11:14:12.0 +01:00
    }
    +ip: null
    +adaAmount: 0
    +tags: null
    +mentions: null
    +comments: Doctrine\ORM\PersistentCollection {#1884 …}
    +votes: Doctrine\ORM\PersistentCollection {#1973 …}
    +reports: Doctrine\ORM\PersistentCollection {#1959 …}
    +favourites: Doctrine\ORM\PersistentCollection {#1927 …}
    +notifications: Doctrine\ORM\PersistentCollection {#2442 …}
    +badges: Doctrine\ORM\PersistentCollection {#2440 …}
    +children: []
    -id: 11766
    -titleTs: "'block':4 'login':6 'root':8 'ssh':5 'success':3"
    -bodyTs: "'/etc/ssh/sshd_config':65 '/var/log/auth.log':41 'attempt':79 'believ':7 'bonus':75 'cannot':23 'config':69 'correct':20 'default':74 'disabl':10 'done':19,56 'entri':49 'even':89 'fail':47 'file':70 'go':84 'instead':42 'intend':52 'left':72 'line':63 'login':12,24,78,93 'password':48 'permitrootlogin':61 'port':88 'question':76 'random':87 'reflect':39 'rest':66 'root':11,26 'seem':82 'server':4 'show':44 'ssh':14,29,81 'success':92 'think':16 'thought':34 'uncom':59 've':33,55 'via':13,28 'would':32,37"
    +cross: false
    +upVotes: 0
    +downVotes: 0
    +ranking: 1699715739
    +visibility: "visible             "
    +apId: "https://lemmy.ml/post/7770730"
    +editedAt: null
    +createdAt: DateTimeImmutable @1699629339 {#1793
      date: 2023-11-10 16:15:39.0 +01:00
    }
  }
  +magazine: App\Entity\Magazine {#265}
  +image: null
  +parent: App\Entity\EntryComment {#4604
    +user: App\Entity\User {#4241 …}
    +entry: App\Entity\Entry {#2419}
    +magazine: App\Entity\Magazine {#265}
    +image: null
    +parent: App\Entity\EntryComment {#4569
      +user: Proxies\__CG__\App\Entity\User {#1970 …}
      +entry: App\Entity\Entry {#2419}
      +magazine: App\Entity\Magazine {#265}
      +image: null
      +parent: App\Entity\EntryComment {#4480
        +user: App\Entity\User {#4241 …}
        +entry: App\Entity\Entry {#2419}
        +magazine: App\Entity\Magazine {#265}
        +image: null
        +parent: App\Entity\EntryComment {#4386
          +user: Proxies\__CG__\App\Entity\User {#1970 …}
          +entry: App\Entity\Entry {#2419}
          +magazine: App\Entity\Magazine {#265}
          +image: null
          +parent: App\Entity\EntryComment {#4301
            +user: App\Entity\User {#4314 …}
            +entry: App\Entity\Entry {#2419}
            +magazine: App\Entity\Magazine {#265}
            +image: null
            +parent: null
            +root: null
            +body: "That all sounds correct to me. The random port you’re seeing in the logs is a high port, often referred to as an ephemeral port, and it is common for source ports. All good there."
            +lang: "en"
            +isAdult: false
            +favouriteCount: 12
            +score: 0
            +lastActive: DateTime @1699731832 {#4296
              date: 2023-11-11 20:43:52.0 +01:00
            }
            +ip: null
            +tags: null
            +mentions: [
              "@cyberwolfie@lemmy.ml"
            ]
            +children: Doctrine\ORM\PersistentCollection {#4302 …}
            +nested: Doctrine\ORM\PersistentCollection {#4304 …}
            +votes: Doctrine\ORM\PersistentCollection {#4306 …}
            +reports: Doctrine\ORM\PersistentCollection {#4308 …}
            +favourites: Doctrine\ORM\PersistentCollection {#4310 …}
            +notifications: Doctrine\ORM\PersistentCollection {#4312 …}
            -id: 107858
            -bodyTs: "'common':30 'correct':4 'ephemer':25 'good':35 'high':18 'log':15 'often':20 'port':9,19,26,33 'random':8 're':11 'refer':21 'see':12 'sound':3 'sourc':32"
            +ranking: 0
            +commentCount: 0
            +upVotes: 0
            +downVotes: 0
            +visibility: "visible             "
            +apId: "https://infosec.pub/comment/4119380"
            +editedAt: null
            +createdAt: DateTimeImmutable @1699629642 {#4297
              date: 2023-11-10 16:20:42.0 +01:00
            }
          }
          +root: App\Entity\EntryComment {#4301}
          +body: """
            Ok, thanks - so if I understand correctly then, it is listening on port 22 as a default, and not accepting traffic on any port.\n
            \n
            That brings of the question: wouldn’t I be better off changing the SSH-port? And is that so easy as to uncomment the `#Port 22` line in the config file and changing the port number to something random, and saving that somewhere? Would I then be able to connect by running `ssh myuser@mydomain.com:`, or would I need to do anything else to successfully connect?
            """
          +lang: "en"
          +isAdult: false
          +favouriteCount: 2
          +score: 0
          +lastActive: DateTime @1699630006 {#4387
            date: 2023-11-10 16:26:46.0 +01:00
          }
          +ip: null
          +tags: [
            "port"
          ]
          +mentions: [
            "@cyberwolfie@lemmy.ml"
            "@starkzarn@infosec.pub"
          ]
          +children: Doctrine\ORM\PersistentCollection {#4382 …}
          +nested: Doctrine\ORM\PersistentCollection {#4377 …}
          +votes: Doctrine\ORM\PersistentCollection {#4381 …}
          +reports: Doctrine\ORM\PersistentCollection {#4391 …}
          +favourites: Doctrine\ORM\PersistentCollection {#4393 …}
          +notifications: Doctrine\ORM\PersistentCollection {#4395 …}
          -id: 107877
          -bodyTs: "'22':14,51 'abl':73 'accept':20 'anyth':86 'better':34 'bring':26 'chang':36,58 'config':55 'connect':75,90 'correct':7 'default':17 'easi':45 'els':87 'file':56 'line':52 'listen':11 'myuser@mydomain.com':79 'need':83 'number':61 'ok':1 'port':13,24,40,50,60 'question':29 'random':64 'run':77 'save':66 'someth':63 'somewher':68 'ssh':39,78 'ssh-port':38 'success':89 'thank':2 'traffic':21 'uncom':48 'understand':6 'would':69,81 'wouldn':30"
          +ranking: 0
          +commentCount: 0
          +upVotes: 0
          +downVotes: 0
          +visibility: "visible             "
          +apId: "https://lemmy.ml/comment/5678183"
          +editedAt: null
          +createdAt: DateTimeImmutable @1699630006 {#4390
            date: 2023-11-10 16:26:46.0 +01:00
          }
        }
        +root: App\Entity\EntryComment {#4301}
        +body: "You would need to specify the new port when using ssh (using the -p$PORT option). Just keep in mind that security through obscurity is not considered secure in itself. You could instead consider a service like fail2ban that automatically blocks connections from certain sources depending on your set parameters."
        +lang: "en"
        +isAdult: false
        +favouriteCount: 10
        +score: 0
        +lastActive: DateTime @1699630241 {#4479
          date: 2023-11-10 16:30:41.0 +01:00
        }
        +ip: null
        +tags: null
        +mentions: [
          "@cyberwolfie@lemmy.ml"
          "@starkzarn@infosec.pub"
        ]
        +children: Doctrine\ORM\PersistentCollection {#4484 …}
        +nested: Doctrine\ORM\PersistentCollection {#4490 …}
        +votes: Doctrine\ORM\PersistentCollection {#4486 …}
        +reports: Doctrine\ORM\PersistentCollection {#4491 …}
        +favourites: Doctrine\ORM\PersistentCollection {#4493 …}
        +notifications: Doctrine\ORM\PersistentCollection {#4495 …}
        -id: 107899
        -bodyTs: "'automat':40 'block':41 'certain':44 'connect':42 'consid':27,34 'could':32 'depend':46 'fail2ban':38 'instead':33 'keep':18 'like':37 'mind':20 'need':3 'new':7 'obscur':24 'option':16 'p':14 'paramet':50 'port':8,15 'secur':22,28 'servic':36 'set':49 'sourc':45 'specifi':5 'ssh':11 'use':10,12 'would':2"
        +ranking: 0
        +commentCount: 0
        +upVotes: 0
        +downVotes: 0
        +visibility: "visible             "
        +apId: "https://feddit.de/comment/4689891"
        +editedAt: null
        +createdAt: DateTimeImmutable @1699630241 {#4476
          date: 2023-11-10 16:30:41.0 +01:00
        }
      }
      +root: App\Entity\EntryComment {#4301}
      +body: """
        > Just keep in mind that security through obscurity is not considered secure in itself.\n
        \n
        Do you consider it to not be a helpful measure to take at all?\n
        \n
        I have fail2ban configured - since it is reading from the auth.log, I guess I would not have to make any changes to the configuration there to have it work with a new port?
        """
      +lang: "en"
      +isAdult: false
      +favouriteCount: 2
      +score: 0
      +lastActive: DateTime @1699630798 {#4567
        date: 2023-11-10 16:39:58.0 +01:00
      }
      +ip: null
      +tags: null
      +mentions: [
        "@cyberwolfie@lemmy.ml"
        "@starkzarn@infosec.pub"
        "@siph@feddit.de"
      ]
      +children: Doctrine\ORM\PersistentCollection {#4570 …}
      +nested: Doctrine\ORM\PersistentCollection {#4572 …}
      +votes: Doctrine\ORM\PersistentCollection {#4574 …}
      +reports: Doctrine\ORM\PersistentCollection {#4576 …}
      +favourites: Doctrine\ORM\PersistentCollection {#4578 …}
      +notifications: Doctrine\ORM\PersistentCollection {#4580 …}
      -id: 107935
      -bodyTs: "'auth.log':39 'chang':49 'configur':32,52 'consid':11,17 'fail2ban':31 'guess':41 'help':23 'keep':2 'make':47 'measur':24 'mind':4 'new':60 'obscur':8 'port':61 'read':36 'secur':6,12 'sinc':33 'take':26 'work':57 'would':43"
      +ranking: 0
      +commentCount: 0
      +upVotes: 0
      +downVotes: 0
      +visibility: "visible             "
      +apId: "https://lemmy.ml/comment/5678562"
      +editedAt: null
      +createdAt: DateTimeImmutable @1699630798 {#4568
        date: 2023-11-10 16:39:58.0 +01:00
      }
    }
    +root: App\Entity\EntryComment {#4301}
    +body: """
      It’s a mixed bag. Personally I wouldn’t use a non-standard port.\n
      \n
      Consider that port numbers under 1024 are [Privileged Ports](https://www.w3.org/Daemon/User/Installation/PrivilegedPorts.html). You would either have to make sure that no other privileged service is running on the port you want to use for SSH when using another privileged port or you need to make sure that no unprivileged program tries to use the same port as your SSH service when using a non-privileged. Overall it adds a bit of overhead and possible headaches for barely any gain.\n
      \n
      Fail2ban *should* work with a different port without any further configuration but it might not.
      """
    +lang: "en"
    +isAdult: false
    +favouriteCount: 2
    +score: 0
    +lastActive: DateTime @1699631376 {#4608
      date: 2023-11-10 16:49:36.0 +01:00
    }
    +ip: null
    +tags: null
    +mentions: [
      "@cyberwolfie@lemmy.ml"
      "@starkzarn@infosec.pub"
      "@siph@feddit.de"
    ]
    +children: Doctrine\ORM\PersistentCollection {#4601 …}
    +nested: Doctrine\ORM\PersistentCollection {#4599 …}
    +votes: Doctrine\ORM\PersistentCollection {#4603 …}
    +reports: Doctrine\ORM\PersistentCollection {#4614 …}
    +favourites: Doctrine\ORM\PersistentCollection {#4616 …}
    +notifications: Doctrine\ORM\PersistentCollection {#4618 …}
    -id: 107970
    -bodyTs: "'/daemon/user/installation/privilegedports.html).':27 '1024':21 'add':84 'anoth':53 'bag':5 'bare':93 'bit':86 'configur':106 'consid':16 'differ':101 'either':30 'fail2ban':96 'gain':95 'headach':91 'make':33,60 'might':109 'mix':4 'need':58 'non':13,80 'non-privileg':79 'non-standard':12 'number':19 'overal':82 'overhead':88 'person':6 'port':15,18,24,44,55,71,102 'possibl':90 'privileg':23,38,54,81 'program':65 'run':41 'servic':39,75 'ssh':50,74 'standard':14 'sure':34,61 'tri':66 'unprivileg':64 'use':10,48,52,68,77 'want':46 'without':103 'work':98 'would':29 'wouldn':8 'www.w3.org':26 'www.w3.org/daemon/user/installation/privilegedports.html).':25"
    +ranking: 0
    +commentCount: 0
    +upVotes: 0
    +downVotes: 0
    +visibility: "visible             "
    +apId: "https://feddit.de/comment/4690495"
    +editedAt: DateTimeImmutable @1699708626 {#4611
      date: 2023-11-11 14:17:06.0 +01:00
    }
    +createdAt: DateTimeImmutable @1699631376 {#4607
      date: 2023-11-10 16:49:36.0 +01:00
    }
  }
  +root: App\Entity\EntryComment {#4301}
  +body: "Alright, cheers - I’ll leave it be as well then :)"
  +lang: "en"
  +isAdult: false
  +favouriteCount: 2
  +score: 0
  +lastActive: DateTime @1699631690 {#4630
    date: 2023-11-10 16:54:50.0 +01:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@cyberwolfie@lemmy.ml"
    "@starkzarn@infosec.pub"
    "@siph@feddit.de"
  ]
  +children: Doctrine\ORM\PersistentCollection {#4627 …}
  +nested: Doctrine\ORM\PersistentCollection {#4624 …}
  +votes: Doctrine\ORM\PersistentCollection {#4622 …}
  +reports: Doctrine\ORM\PersistentCollection {#4636 …}
  +favourites: Doctrine\ORM\PersistentCollection {#4638 …}
  +notifications: Doctrine\ORM\PersistentCollection {#4640 …}
  -id: 107991
  -bodyTs: "'alright':1 'cheer':2 'leav':5 'll':4 'well':9"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.ml/comment/5678996"
  +editedAt: null
  +createdAt: DateTimeImmutable @1699631690 {#4633
    date: 2023-11-10 16:54:50.0 +01:00
  }
}
"App\Security\Voter\UserVoter"
App\Entity\Magazine {#265
  +icon: Proxies\__CG__\App\Entity\Image {#246 …}
  +name: "linux@lemmy.ml"
  +title: "linux"
  +description: """
    From Wikipedia, the free encyclopedia\n
    \n
    Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).\n
    \n
    Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.\n
    \n
    ### Rules\n
    \n
    - Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.\n
    - No misinformation\n
    - No NSFW content\n
    - No hate speech, bigotry, etc\n
    \n
    ### Related Communities\n
    \n
    - [!opensource@lemmy.ml](https://lemmy.ml/c/opensource)\n
    - [!libre_culture@lemmy.ml](https://lemmy.ml/c/libre_culture)\n
    - [!technology@lemmy.ml](https://lemmy.ml/c/technology)\n
    - [!libre_hardware@lemmy.ml](https://lemmy.ml/c/libre_hardware)\n
    \n
    Community icon by [Alpár-Etele Méder](https://www.iconfinder.com/pocike), licensed under [CC BY 3.0](https://creativecommons.org/licenses/by/3.0/)
    """
  +rules: null
  +subscriptionsCount: 1
  +entryCount: 1406
  +entryCommentCount: 28632
  +postCount: 6
  +postCommentCount: 214
  +isAdult: false
  +customCss: null
  +lastActive: DateTime @1729583542 {#275
    date: 2024-10-22 09:52:22.0 +02:00
  }
  +markedForDeletionAt: null
  +tags: null
  +moderators: Doctrine\ORM\PersistentCollection {#237 …}
  +ownershipRequests: Doctrine\ORM\PersistentCollection {#233 …}
  +moderatorRequests: Doctrine\ORM\PersistentCollection {#222 …}
  +entries: Doctrine\ORM\PersistentCollection {#180 …}
  +posts: Doctrine\ORM\PersistentCollection {#138 …}
  +subscriptions: Doctrine\ORM\PersistentCollection {#200 …}
  +bans: Doctrine\ORM\PersistentCollection {#117 …}
  +reports: Doctrine\ORM\PersistentCollection {#103 …}
  +badges: Doctrine\ORM\PersistentCollection {#81 …}
  +logs: Doctrine\ORM\PersistentCollection {#71 …}
  +awards: Doctrine\ORM\PersistentCollection {#1346 …}
  +categories: Doctrine\ORM\PersistentCollection {#1823 …}
  -id: 73
  +apId: "linux@lemmy.ml"
  +apProfileId: "https://lemmy.ml/c/linux"
  +apPublicUrl: "https://lemmy.ml/c/linux"
  +apFollowersUrl: "https://lemmy.ml/c/linux/followers"
  +apInboxUrl: "https://lemmy.ml/inbox"
  +apDomain: "lemmy.ml"
  +apPreferredUsername: "linux"
  +apDiscoverable: true
  +apManuallyApprovesFollowers: null
  +privateKey: null
  +publicKey: null
  +apFetchedAt: DateTime @1729583596 {#269
    date: 2024-10-22 09:53:16.0 +02:00
  }
  +apDeletedAt: null
  +apTimeoutAt: null
  +visibility: "visible             "
  +createdAt: DateTimeImmutable @1698929468 {#271
    date: 2023-11-02 13:51:08.0 +01:00
  }
}
"App\Security\Voter\UserVoter"

Symfony Profiler

GET https://kbin.spritesserver.nl/index.php/m/linux@lemmy.ml/t/11766/Have-I-successfully-blocked-ssh-logins-to-root

Configuration Settings

Theme

Page Width

Security

Token

Firewall

Configuration

Listeners

Authenticators

Access Decision

Access decision log