Hi, I'm new to virtual servers. Today I sshed into my droplet and wanted to do capistrano deployment. SSH login works ok, however, when I run cap deployment from my local, it fails when checking out code from bitbucket with following message:
Command: ( GIT_ASKPASS=/bin/echo GIT_SSH=/tmp/app/git-ssh.sh /usr/bin/env git ls-remote firstname.lastname@example.org:foobar/app.git )
Permission denied (publickey).
fatal: The remote end hung up unexpectedly
This was working perfectly a week ago and I did deployments several times. When I checked /var/log/auth.log, I see a lot of SSH login attempts from Asia (China, Korea...):
Jun 10 07:04:42 staging sshd: Disconnecting: Too many authentication failures for root [preauth]
Jun 10 07:04:42 staging sshd: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=22.214.171.124 user=root
Jun 10 07:04:42 staging sshd: PAM service(sshd) ignoring max retries; 6 > 3
Jun 10 07:04:45 staging sshd: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=126.96.36.199 user=root
Jun 10 07:04:47 staging sshd: Failed password for root from 188.8.131.52 port 2769 ssh2
Jun 10 07:04:59 sshd: last message repeated 5 times
Also several username login attempts, none of them I've seen/used before:
Jun 10 07:09:10 staging sshd: Invalid user hermes from 184.108.40.206
Jun 10 07:36:03 staging sshd: Invalid user sid from 220.127.116.11
Jun 10 07:42:44 staging sshd: Invalid user vincent from 18.104.22.168
Jun 10 07:56:11 staging sshd: Invalid user stella from 22.214.171.124
Jun 10 08:02:55 staging sshd: Invalid user ernie from 126.96.36.199
I'm using key based authentication for SSH and for bitbucket as well.
1) Are those SSH attempts something "common" or "to be expected"?
2) What can I do to make my droplet more secure and maybe report those attempts via email? And is it worth it?