5 Best Practices to Prevent SSH Brute-Force Login Attacks in Linux


Typically, SSH-enabled servers make for easy targets for brute-force attacks. The ongoing development further increases the risk of intrusion by hackers of new software tools and bots for automating brute-force attacks.

This manual will look at strategies to protect your SSH servers from brute-force attacks on Linux distributions based on RHEL and Debian derivatives.

1. Disable SSH Password Authentication and Enable SSH-Key Authentication

Username/password authentication is the standard authentication technique for SSH. But as we have seen, brute-force attacks can be used to target password authentication systems. Implementing key-based SSH authentication, in which authentication is made possible via public and private SSH key pairs, is advised to be safe. While the public key is copied to the server, the client’s private key stays on their computer.

During SSH key authentication, the server verifies whether the client PC has the private key. A shell session is created, or the command supplied to the remote server is executed if the check is successful. You may find detailed instructions for configuring SSH key-based authentication on our website. (more…)