Trim Castle Moat by Sean Munson

Here are two new-to-me techniques for keeping your server free from SSH brute force attacks by tuning your /etc/ssh/sshd_config file. I know that using IP address based security is probably more secure, but I wanted to find a solution that could yield higher security without limiting IP addresses. I like to be able to access the machines I need to access without having to be at a specific location, or have a VPN, or SSH through a couple of machines before I can access the machine I need. I recognize those solutions are likely more secure, but I'm trying to avoid IP based security restrictions if possible.

Stop people from attempting to login as root

Add (or find and modify) this line:

    PermitRootLogin no

This simply doesn't allow people to log in directly to your box as the root user. Simple enough. Not letting people log in directly as root takes away one of the well-known users that people will attempt to log in as. This means that everyone who wants to gain root will first have to log in as another (more obscure) user on the system, which leads me to the next technique.

Only Allow Logins from specified users

Add (or find and modify) this line:

    AllowUsers username1 username2

This means that only these users are allowed to log in. Every other user cannot. This is handy because it eliminates all those other user accounts that are created on the system, which probably don't, but might, currently have SSH access.

Neither of these techniques strikes me as a silver bullet solution, but as I'm realizing, there are no silver bullet solutions in keeping a machine secure. So consider these two more possibilities for further guarding your machines, like a moat around the castle walls.
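A way to check that both settings actually take effect, as an added example that is not part of the original post: for most keywords sshd uses the first value it reads, repeated AllowUsers lines accumulate, and a Match block can override the global value. The function names, the sample config and the expected-user set are constructed for illustration, and Include files are not followed.

```python
import shlex

# Constructed sample: the later "PermitRootLogin no" is shadowed by the earlier "yes".
SAMPLE_CONFIG = """\
# constructed sample, not from a real host
Port 22
permitrootlogin yes
PermitRootLogin no
AllowUsers username1
AllowUsers username2 deploy*
Match Address 192.0.2.0/24
    PermitRootLogin yes
"""

def directives(text):
    """Yield (in_match, keyword, args) for every non-comment line."""
    in_match = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = shlex.split(line)          # handles quoted arguments
        key = parts[0].lower()             # keywords are case-insensitive
        if key == "match":
            in_match = True                # everything after this is conditional
        yield in_match, key, parts[1:]

def audit(text, expected_users):
    """Return a list of findings for the two settings discussed in the post."""
    findings, root, allow = [], None, []
    for in_match, key, args in directives(text):
        if key == "permitrootlogin" and args:
            if in_match and args[0] != "no":
                findings.append(f"Match block sets PermitRootLogin {args[0]}")
            elif not in_match and root is None:
                root = args[0]             # first global value wins
        elif key == "allowusers" and not in_match:
            allow.extend(args)             # AllowUsers lines accumulate
    if root != "no":
        findings.append(f"global PermitRootLogin is {root or 'unset'}, not 'no'")
    if not allow:
        findings.append("no global AllowUsers line")
    for pat in allow:
        user = pat.split("@")[0]           # entries may be user@host patterns
        if "*" in user or "?" in user:
            findings.append(f"AllowUsers pattern {pat} uses a wildcard")
        elif user not in expected_users:
            findings.append(f"AllowUsers admits unexpected user {user}")
    return findings
```

Call `audit(open("/etc/ssh/sshd_config").read(), {"username1", "username2"})` with your own account names; an empty list means both settings are in force globally.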

Posted Sat 17 Jul 2010 10:59:25 PM PDT Tags:

RCA to 1/8" Stereo Cable by Mac Users Guide

Entertainment is a double-edged sword that I think about from time to time. Whether it's reading a book or watching TV, I spend an awful lot of time putting other people's thoughts and work into my vision and into my mind. Often I don't ever take the time to make a response to what I've seen or heard. And I can't help but wonder if that cheapens the experience. Is there something truly human about responding? If it's true that watching TV puts people's brains at a lower state of activity than sleeping, is that something that we as a people should really be striving for?

It's so easy to make life about consumption and inputs. But what are we putting out? What are we adding to the world or our society?

Certainly, there is a time for enjoying those things that others have worked hard to create! That's art! And art is made to be shared and enjoyed. But I have found that concerts are better when I'm able to stir the courage to be dancing, and plays are best when I am able to shake hands with the players or clap loudly to encourage them. There is a big part of me that wonders whether, when there is a lack of ability to have that kind of feedback, there is something missing. I recognize that reading a book is a passive consumption, and I wonder if the reason that schooling forced us through book reviews was to help us engage the work. At the end of the day I think that's what is at stake here: engagement. Where input/entertainment is taken without engagement, I feel like there's something amiss. Input deserves output, even if it's just a status update, sharing something with a friend over a beer, or a full-blown blog post.

Posted Sun 18 Jul 2010 09:27:18 PM PDT Tags: