On Sat, Aug 13, 2022 at 07:42:28PM +0200, Maurizio Caloro wrote:
>As /etc/fail2ban/filter.d/sshd.conf shows, "no matching host key type"
>messages are specifically ignored by Mode=normal.
>Try setting Mode=aggressive, it should catch those.
>
>Of course, DROPping ssh connections from AS28594 would work too. Unless
you're from Brazil, that is.
>
>Reco
Thanks for you answer, yes add aggressive to mode, restart services and add
to ssh_config
Host *
HostKeyAlgorithms +ssh-rsa,ssh-dss
PubkeyAcceptedKeyTypes +ssh-rsa,ssh-dss
But still auth logs everysecond with:
Aug 14 08:53:20 lenovo sshd[270588]: Unable to negotiate with 80.92.231.239
port 38675: no matching host key type found. Their offer:
ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ecdsa-sha2-nistp
256-cert-...@openssh.com,ecdsa-sha2-nistp384-cert-...@openssh.com,ecdsa-sha2
-nistp521-cert-...@openssh.com,ssh-rsa,ssh-dss [preauth]
Thanks
Mauri
