Hacker News new | ask | show | jobs
by t0mas88 1726 days ago
I do the same, but only 10 minutes after 5 failed logins. That's enough for bots while not really getting in your way if it accidentally blocks the hotel you're in.

Combined with only allowing key based login, password is disabled.
1 comments
_moof 1726 days ago
I've recently added 2FA as well. Super easy to do.
link
alias_neo 1726 days ago
I wrote a blog on how to do it a couple years back if anyone is interested in a "tutorial": https://2byt.es/post/totp/

It's for the Pi as that's the target audience but it should apply generally for OpenSSH.

There's also a sister post about improving your "first factor" for those still using passwords: https://2byt.es/post/totp2/

link