Show your effective sshd server config: sudo sshd -T
This is good advice in general. Think of it like penetration testing. You really should verify what you can actually access remotely on a device and not assume you have any level of protection until you’ve tried it.
Log files can also contain signs of attack like password guessing. You should review these on a regular basis.
Good advice. One should always test, for correctness, not just infer.
I could even go further into saying: always test every change you make, do not assume the change has been made because you updated a file.
/etc/ssh/ssh.d/
You mean /etc/ssh/sshd_config.d
?
Fixed it. Thanks
You for got the d
!
sshd_config
picard_facepalm.png. can you tell I just Tab through terminal?
Had a similar issue with tlp recently. I just happened to notice the laptop battery was at 100%, and said it was charging. I double and triple checked the config file, but the tlp-stat -b still showed the thresholds at 90%-100%.
Turns out tlp, at some point, started ignoring /etc/tlp.conf, and was pointing to /etc/default/tlp
Yeah that sounds pretty bad. Is there a quick way to disable ssh keys to test?
OpenSSH right? What version?
No issues with Dropbear
Self Hosted - Self-hosting your services.
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules
- No harassment
- crossposts from c/Open Source & c/docker & related may be allowed, depending on context
- Video Promoting is allowed if is within the topic.
- No spamming.
- Stay friendly.
- Follow the lemmy.ml instance rules.
- Tag your post. (Read under)
Important
Beginning of January 1st 2024 this rule WILL be enforced. Posts that are not tagged will be warned and if not fixed within 24h then removed!
- Lemmy doesn't have tags yet, so mark it with [Question], [Help], [Project], [Other], [Promoting] or other you may think is appropriate.
Cross-posting
- !everything_git@lemmy.ml is allowed!
- !docker@lemmy.ml is allowed!
- !portainer@lemmy.ml is allowed!
- !fediverse@lemmy.ml is allowed if topic has to do with selfhosting.
- !selfhosted@lemmy.ml is allowed!