Oh all of my configs are deny root ssh login or without-password. I noticed a significant decrease in scans when returning a root prompt when I did that. This was also in the mid 2000s so who knows how things would be in this day in age for a reduction in scans
@Pacmanlives
So it was a fake root prompt which tricked the bots into believing that they logged in successfully but in reality the prompt could do nothing on the system?
I remember in college editing OpenSSH source code to instead of return wrong password to a root shell prompt just to stop brute force attacks
A honeypot!
But… arent they logged in as root then? Wdym with “prompt” i am lost
@Pacmanlives
Couldn’t you just disable root login in the sshd config?
Oh all of my configs are deny root ssh login or without-password. I noticed a significant decrease in scans when returning a root prompt when I did that. This was also in the mid 2000s so who knows how things would be in this day in age for a reduction in scans
@Pacmanlives
So it was a fake root prompt which tricked the bots into believing that they logged in successfully but in reality the prompt could do nothing on the system?
Correct