You must log in or register to comment.
For as long as I can remember, open SSH endpoints have been subject to password scan attacks from random corners of the internet. It’s just how life is.
The moment I install ssh is the moment I install fail2ban.
I found just white listing cidrs from your country the most effective way to reduce this log spam. I only use keys anyway so the attempts are pointless.
I was exited to read about the recent surge of brute force attempts I received from IPs my fail2ban has not previously seen, but this is just a generic piece from 6 months ago :(