A host from china try to ssh into my VM continuously

January 5, 2015 1.1k views

I've banned him and the attacker's IP address is:

2 Answers

Welcome to the wild wild west version 2.0.

You're bound to have all sorts of attackers that spoof their IP address. You may want to look at fail2ban to deal with attempted breakins. Also, look into key only ssh login instead of password authenticated logins.

by Justin Ellingwood
Fail2ban is a daemon that can be used to monitor the logs of services and ban clients that repeatedly fail authentication checks. It is a great tool to help protect against brute force attacks and malicious users. In this guide, we'll discuss how fail2ban works and how you can leverage its configuration structure to modify or extend its functionality.

fail2ban solves all (oh, and server passwords are sin, use keyfiles c:)

Have another answer? Share your knowledge.