FBXL Social

rate the ssh banner I made

@dushman@hollow.raccoon.quest 10/10 even has a funny warning lol

@dushman good, but have you tried using https://github.com/radare/tiv

@froge @dushman That's a stupid idea, what if they get the password wrong?

@dushman it looks horrifying, well done

@dushman It's likely that no human will ever see it, but not bad. It's more exciting to reverse DoS bots that keep trying password auth on keyfile-only connections.

@Suiseiseki@freesoftwareextremist.com
Lmao yeah a lot of them don't even support the ciphers I have configured so the connection gets dropped right away lol

@Suiseiseki@freesoftwareextremist.com
after enough tries they get temp banned and then permabanned if tthey keep trying lol

@froge@social.glitched.systems @Hyolobrika@social.fbxl.net
It's only a temp ban first and then permabanned after even more tries so it's fine

@froge@social.glitched.systems @Hyolobrika@social.fbxl.net
also it's configured for key auth only passwords are completely disabled for security

@froge@social.glitched.systems @Hyolobrika@social.fbxl.net
most of these bots use ssh clients so old they don't even support the ciphers required to connect to our server lol

@dushman @froge fair enough then. I guess I was the idiot bird getting owned
replies
0
announces
0
likes
0

@dushman @Hyolobrika @froge change ban time to 2 to 5 years

@dushman @Hyolobrika @froge I'm dead serious

@jesu @dushman @froge might be a good idea. Would defend against people maliciously getting IPs banned

@jesu IPs can change allocations within months, so setting an IP ban for 2 years can potentially block a legitimate browser of say your website.

Most bots seem to give up after an hour.

@Suiseiseki @jesu it can also fill up your fail2ban filters with IPs and potentially slow down the firewall especially on reloads i have noticed