(The meme’s author may be convinced but I am still not, to be clear)
From: https://terra.incognita.net/@RainofTerra/116168632108345829
(The meme’s author may be convinced but I am still not, to be clear)
From: https://terra.incognita.net/@RainofTerra/116168632108345829
this seems like something I would do too, which is why I haven’t installed fail2ban
I set up, and prefer, iptables rules to rate limit logins.
I have mine set so you can connect up to 5 times per 15 minutes.
Blocks bots well enough, and if I really mess up, I just wait 15 mins
The nice thing about SSH key-based access is, I either have the key and login succeeds, or I have no business trying to log in.
That’s why my remote root server bans via fail2ban after a single failed login.
Yes I’ve had to write support to get a KVM. Yes it’s still configured like this.
i am a tailscale enjoyer, which means i can set up tailscale ssh once on each machine and then from another machine just login over tailscale
How’s that different from normal ssh?
Eh, the machine is actually in one of my wireguard nets anyways, but for different purposes.
as a nixos enjoyer, i have no idea how to setup ssh keys. fail2ban and a regular password for me.
yes, i have locked myself out of my own server for hours at a time because i’m an absolute tool.