Hi,
before I change and run into troubles: is it possible to change the SSH port and deny root-login for security reasons or does anything internal (sync cluster for example) depend on it?
It is your opinion. We can see millions of brute & forces per day - and do you know if everybody has a "good" password? Atleast it doesnt DEcrease security ...
Disallow direct root - login maybe one of the basic things one should do on machines reachable public. Well, everybody has its own opinion / experiences ... therefor i asked.
Maybe it would be an idea for the future, that the system uses another user to connect the nodes?
Use fail2ban, firewalling, proper sshd_config (root only from certain ips) settings and better authentication methods to increase security.
If you just change a port the brute-force attacks will continue on the other port.
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.