***: NiTeMaRe has joined #arpnetworks m0unds: phlux: congrats phlux: thanks m0unds
I'm remembering what it felt like to be up for > 24 hours now
last night was the longest night of my life ***: jcv has quit IRC (Quit: leaving)
jcv has joined #arpnetworks
tabthorpe has quit IRC (Quit: leaving)
tabthorpe has joined #arpnetworks
tabthorpe has quit IRC (Client Quit)
tabthorpe has joined #arpnetworks
easymac has quit IRC (Remote host closed the connection)
easymac has joined #arpnetworks
easymac has quit IRC (Changing host)
easymac has joined #arpnetworks sjackso: unexpected side effect of arp network's port 22 rate limiter: detecting a misconfigured ansible setup that was making loads of reconnections instead of re-using one session staticsafe: :o ***: acf_ has quit IRC (Ping timeout: 255 seconds)
acf_ has joined #arpnetworks
acf_ has quit IRC (Ping timeout: 268 seconds)
acf_ has joined #arpnetworks
acf_ has quit IRC (Ping timeout: 268 seconds)
acf_ has joined #arpnetworks
acf_ has quit IRC (Ping timeout: 268 seconds)
acf_ has joined #arpnetworks
acf_ has quit IRC (Ping timeout: 268 seconds)
acf_ has joined #arpnetworks
acf_ has quit IRC (Ping timeout: 265 seconds)
acf_ has joined #arpnetworks phlux: I don't ever have my sshd set to 22 anyways
too many brute force attempts m0unds: haw haw, wai naht change http too lolol phlux: don't see many error messages in my logs regarding the httpd :P m0unds: i've seen that so many times when people (including me) mention changing ssh ports phlux: but i only have 1 server that runs an httpd anyways m0unds: haw haw y u no chg all portz phlux: haha m0unds: i like quiet logs phlux: i guess the real difference is i don't want anyone trying to access ssh that hasn't been given permission in the first place m0unds: right
then on top of that, it makes unauthorized attempts stick out significantly more phlux: so i change the port, and on some servers, i even run certain ipfw rules to limit who can access the ssh ports
yeah
I honestly may disable password auth
just leave it to the keys
I'll create one failsafe account in case i lose my keys somehow
it'll have some ridiculously long password that only my password manager (encrypted via truecrypt and a keyfile) will know jpalmer: phlux: I've disabled password auth for years. my general sshd_config, disable root logins, disable password auth, and I have iptables set to block bruteforce ssh attacks (and run ssh on the default port)