[wellylug] Best practices for AWS EC2 ssh security
daniel at centurion.net.nz
Fri Aug 17 01:49:09 UTC 2018
On 17/08/18 11:28, Fehmi Noyan ISI wrote:
> Hi there,
> I have been seeing lots of ssh brute force attacks to my ec2 instance.
> I use key based authentication and I will change the ssh port something other than 22.
> Does anybody have other recommendations, such as a good set of AWS Security Group INBOUND rules?
> I read using fail2ban could be another option, but I want to stop to attempt before it reaches my ec2 instance in the first place.
You can restrict your inbound traffic to port 22 to a pre-determined set
of IP addresses in the AWS security profile - other alternative is to
block port 22 and setup openvpn for remote access to the server or
private network in your security group.
Centurion Computer Technology (2005) Ltd.
021 797 722
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 866 bytes
Desc: OpenPGP digital signature
More information about the wellylug