I just create a new droplet a few minutes ago, I installed nginx and setup SSH keys to conect through PuTTY, and for my surprise when I login in my SSH Console, in the message I get:
“There were 445 failed login attempts since the last successful login.”
It is very strange to me, I create my droplet a few minute ago, It will be any hacker with bruteforce trying a invasion??
Sounds like you should take care of a few things. If you are using SSH keys, remove password login. Then install Fail2ban.
in /etc/ssh/sshd_config change the following lines so they match this:
ChallengeResponseAuthentication no
PasswordAuthentication no
Then follow the steps in the “Configuring a Basic Firewall” section here - https://www.digitalocean.com/community/tutorials/additional-recommended-steps-for-new-ubuntu-14-04-servers
Then install Fail2ban - https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-ubuntu-14-04
This is all assuming you are using Ubuntu 14.04
Thanks for tips! I am using Linux CentoS 7, Ubuntu is better distro for Linux?
Neither is inherently “better” than the other. We tend to have the widest variety of tutorials for Ubuntu but CentOS (a RHEL clone) is also a rock solid OS with a great community.