phlux: congrats thanks m0unds I'm remembering what it felt like to be up for > 24 hours now last night was the longest night of my life unexpected side effect of arp network's port 22 rate limiter: detecting a misconfigured ansible setup that was making loads of reconnections instead of re-using one session :o I don't ever have my sshd set to 22 anyways too many brute force attempts haw haw, wai naht change http too lolol don't see many error messages in my logs regarding the httpd :P i've seen that so many times when people (including me) mention changing ssh ports but i only have 1 server that runs an httpd anyways haw haw y u no chg all portz haha i like quiet logs i guess the real difference is i don't want anyone trying to access ssh that hasn't been given permission in the first place right then on top of that, it makes unauthorized attempts stick out significantly more so i change the port, and on some servers, i even run certain ipfw rules to limit who can access the ssh ports yeah I honestly may disable password auth just leave it to the keys I'll create one failsafe account in case i lose my keys somehow it'll have some ridiculously long password that only my password manager (encrypted via truecrypt and a keyfile) will know phlux: I've disabled password auth for years. my general sshd_config, disable root logins, disable password auth, and I have iptables set to block bruteforce ssh attacks (and run ssh on the default port)