Minimize sshd log clutter/spam from unauthenticated connections

Philipp Marek philipp at
Sun Mar 19 00:19:25 AEDT 2023

I guess you might find fail2ban useful.

It scans logfiles (like /var/log/sshd.log), and when it sees too many authentication failures from an IP address (or network range) it can issue commands to drop any further attempts via a firewall.

By having it read its own logfile it's possible to have repeated offenders be cut out for longer and longer time spans.

More information about the openssh-unix-dev mailing list