Seems like a brute force SSH attack
looking at my /var/log/auth.log, I noticed an enormous amount of failed SSH login attempts, such as:
error: Could not load host key: /etc/ssh/sshhosted25519_key
Nov 30 14:16:37 <HOSTNAME> sshd: Failed password for root from 18.104.22.168 port 44584 ssh2
The IP address changes every once in a while, but the attempts are lasting for days now, constantly.
Any suggestions as to what I might do about it?
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.×