Сейчас заглянул в auth.log и обнаружил, что меня кто-то с ноября прошлого года упорно пытается брутфорсить:
Aug 26 07:28:53 arnor sshd[14960]: Invalid user core from 88.191.63.231
Aug 26 07:28:53 arnor sshd[14960]: pam_tally(sshd:auth): pam_get_uid; no such user
Aug 26 07:28:53 arnor sshd[14960]: pam_unix(sshd:auth): check pass; user unknown
Aug 26 07:28:53 arnor sshd[14960]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=sd-11117.dedibox.fr
Aug 26 07:28:54 arnor sshd[14960]: Failed password for invalid user core from 88.191.63.231 port 56307 ssh2
Aug 26 07:28:55 arnor sshd[14962]: Invalid user newsletter from 88.191.63.231
Aug 26 07:28:55 arnor sshd[14962]: pam_tally(sshd:auth): pam_get_uid; no such user
Aug 26 07:28:55 arnor sshd[14962]: pam_unix(sshd:auth): check pass; user unknown
Aug 26 07:28:55 arnor sshd[14962]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=sd-11117.dedibox.fr
Aug 26 07:28:57 arnor sshd[14962]: Failed password for invalid user newsletter from 88.191.63.231 port 57422 ssh2
Aug 26 07:28:58 arnor sshd[14964]: Invalid user named from 88.191.63.231
Aug 26 07:28:58 arnor sshd[14964]: pam_tally(sshd:auth): pam_get_uid; no such user
Aug 26 07:28:58 arnor sshd[14964]: pam_unix(sshd:auth): check pass; user unknown
Aug 26 07:28:58 arnor sshd[14964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=sd-11117.dedibox.fr
Aug 26 07:29:01 arnor sshd[14964]: Failed password for invalid user named from 88.191.63.231 port 57746 ssh2
Aug 26 07:29:02 arnor sshd[14966]: Invalid user visitor from 88.191.63.231
Aug 26 07:29:02 arnor sshd[14966]: pam_tally(sshd:auth): pam_get_uid; no such user
Aug 26 07:29:02 arnor sshd[14966]: pam_unix(sshd:auth): check pass; user unknown
Aug 26 07:29:02 arnor sshd[14966]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=sd-11117.dedibox.fr
Aug 26 07:29:04 arnor sshd[14966]: Failed password for invalid user visitor from 88.191.63.231 port 59036 ssh2
Aug 26 07:29:05 arnor sshd[14968]: Invalid user ftpuser from 88.191.63.231
Aug 26 07:29:05 arnor sshd[14968]: pam_tally(sshd:auth): pam_get_uid; no such user
Aug 26 07:29:05 arnor sshd[14968]: pam_unix(sshd:auth): check pass; user unknown
Aug 26 07:29:05 arnor sshd[14968]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=sd-11117.dedibox.fr
Aug 26 07:29:06 arnor sshd[14968]: Failed password for invalid user ftpuser from 88.191.63.231 port 60102 ssh2
Aug 26 07:29:07 arnor sshd[14970]: Invalid user username from 88.191.63.231
Aug 26 07:29:07 arnor sshd[14970]: pam_tally(sshd:auth): pam_get_uid; no such user
Aug 26 07:29:07 arnor sshd[14970]: pam_unix(sshd:auth): check pass; user unknown
Aug 26 07:29:07 arnor sshd[14970]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=sd-11117.dedibox.fr
Aug 26 07:29:09 arnor sshd[14970]: Failed password for invalid user username from 88.191.63.231 port 60372 ssh2
Aug 26 07:29:10 arnor sshd[14972]: Invalid user administrator from 88.191.63.231
Aug 26 07:29:10 arnor sshd[14972]: pam_tally(sshd:auth): pam_get_uid; no such user
Aug 26 07:29:10 arnor sshd[14972]: pam_unix(sshd:auth): check pass; user unknown
Aug 26 07:29:10 arnor sshd[14972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=sd-11117.dedibox.fr
Aug 26 07:29:12 arnor sshd[14972]: Failed password for invalid user administrator from 88.191.63.231 port 33224 ssh2
Aug 26 07:29:13 arnor sshd[14974]: Invalid user library from 88.191.63.231
Aug 26 07:29:13 arnor sshd[14974]: pam_tally(sshd:auth): pam_get_uid; no such user
Aug 26 07:29:13 arnor sshd[14974]: pam_unix(sshd:auth): check pass; user unknown
Aug 26 07:29:13 arnor sshd[14974]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=sd-11117.dedibox.fr
Aug 26 07:29:15 arnor sshd[14974]: Failed password for invalid user library from 88.191.63.231 port 33594 ssh2
Aug 26 07:29:17 arnor sshd[14976]: Invalid user test from 88.191.63.231
Aug 26 07:29:17 arnor sshd[14976]: pam_tally(sshd:auth): pam_get_uid; no such user
Aug 26 07:29:17 arnor sshd[14976]: pam_unix(sshd:auth): check pass; user unknown
Aug 26 07:29:17 arnor sshd[14976]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=sd-11117.dedibox.fr
Aug 26 07:29:18 arnor sshd[14976]: Failed password for invalid user test from 88.191.63.231 port 34748 ssh2
В общем как можно вычислить этого идиота (а ломает он судя по разным IP из под разнообразных проксей), ну и как можно повысить безопасность системы кроме очевидных смены пароля и запрета заходить по ssh из интернетов (последнего хотелось бы избежать)?