An alternative solution to this problem is simply not having an SSH daemon available on your public IP address. I only permit ssh access from either my internal network or from a VPN link. (OpenVPN, since IPsec is too horrible for words to configure). Since I only need ssh access from a limited number of computers (two: my computer at work or my laptop), having them setup to establish a VPN connection and run ssh through it is not a problem. Apart from keeping SSH off the public IP, the VPN connection also allows me to access other ressources - e.g. I can nfs mount my home directory from a remote location through the VPN link, which does come in handy at times.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds