I have recently bought a new server for home use running Gentoo linux. I was scanning the logs today and was horrified when I saw how many people have been trying to break into my box, I don't believe anyone was succesfull(I think), but I really need to put some security measures in place.
I started off by closing the box off to the outside world until I can figure out the best security scheme to keep these bastards out of my box. I changed the default port in sshd_config to a different port number, and I would like to use a different authentication method other than user/password, but wasn't sure if such a solution exists. I remember vaguely reading about smart card auth, but that wouldn't be the best solution for me.
Can someone tell me if I can use a different authentication method other than username/password?(Id like to disable it alltogether) Also, I would like a shell script or program that will scan my log files and notice any discrepancies, if it finds any, sends me an email and bans the IP address of the offender. This is the first real linux box I have had, and I have never had any experience with break ins or securing my box. I do run a firewall, however, I need access to this box from the outside world when I am not home. If any of you security gurus could give me some tips, I would greatly appreciate it.
I started off by closing the box off to the outside world until I can figure out the best security scheme to keep these bastards out of my box. I changed the default port in sshd_config to a different port number, and I would like to use a different authentication method other than user/password, but wasn't sure if such a solution exists. I remember vaguely reading about smart card auth, but that wouldn't be the best solution for me.
Can someone tell me if I can use a different authentication method other than username/password?(Id like to disable it alltogether) Also, I would like a shell script or program that will scan my log files and notice any discrepancies, if it finds any, sends me an email and bans the IP address of the offender. This is the first real linux box I have had, and I have never had any experience with break ins or securing my box. I do run a firewall, however, I need access to this box from the outside world when I am not home. If any of you security gurus could give me some tips, I would greatly appreciate it.