mozz@mbin.grits.dev to Technology@lemmy.ml · 10 months agoLinux devices are under attack by a never-before-seen wormarstechnica.comexternal-linkmessage-square18fedilinkarrow-up1133arrow-down116file-text
arrow-up1117arrow-down1external-linkLinux devices are under attack by a never-before-seen wormarstechnica.commozz@mbin.grits.dev to Technology@lemmy.ml · 10 months agomessage-square18fedilinkfile-text
minus-squareKairos@lemmy.todaylinkfedilinkarrow-up24·10 months ago the NoaBot targets weak passwords connecting SSH connections. Harden your configs people. AllowUsers is a really goood one.
minus-square𝓢𝓮𝓮𝓙𝓪𝔂𝓔𝓶𝓶@lemmy.procrastinati.orglinkfedilinkarrow-up18·10 months agoOr just don’t allow password auth at all.
minus-squarejose1324@lemmy.worldlinkfedilinkarrow-up2arrow-down1·10 months agoOr just have a good password
minus-square𝓢𝓮𝓮𝓙𝓪𝔂𝓔𝓶𝓶@lemmy.procrastinati.orglinkfedilinkarrow-up2·10 months agoIf we’re going to play that game. Require an Ed25519 key with a strong password.
minus-squaremozz@mbin.grits.devOPlinkfedilinkarrow-up1·10 months ago (In this case the “wrench” is just breaking into some weak link that isn’t ssh, once your password is strong to not be a weak link)
Harden your configs people.
AllowUsers is a really goood one.
Or just don’t allow password auth at all.
Or just have a good password
If we’re going to play that game. Require an Ed25519 key with a strong password.
Or ed25519-sk.
(In this case the “wrench” is just breaking into some weak link that isn’t ssh, once your password is strong to not be a weak link)