SSH Bastion host best practices: How to Build and Deploy a Security-Hardened SSH Bastion Host

This page summarizes the projects mentioned and recommended in the original post on /r/linuxadmin
Linux Protection Ansible Security sysctl

InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

  • crowdsec

    CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.

    • One could also consider CrowdSec as an alternative to Fail2Ban here. It's free, opensourced collaborative threat intelligence in the sense that all CrowdSec users are helping each other out by reporting the attacks they're seeing, thereby watching each other's back. CrowdSec can be seen as a modern version on Fail2Ban able to detect and protect against more advanced attacks like slow bf and distributed attacks (by utilizing collaborative CTI). Like Fail2Ban it works by parsing logs. CrowdSec can protect a large range of services apart form SSH. Check out details on which logs can be parsed here.

  • ansible-collection-hardening

    This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL

    • You can do much more https://github.com/dev-sec/ansible-collection-hardening/tree/master/roles/ssh_hardening

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Recommendations for advanced material (reading material, courses, etc) on server security?

    2 projects | /r/selfhosted | 26 Jan 2022

  • Disable notifications for one out of several machines

    1 project | /r/CrowdSec | 4 Jul 2023

  • 9. 为你的公网服务部署入侵检测

    1 project | /r/primecitizens | 2 Jul 2023

  • Brute.Fail Watch brute force attacks in real time

    3 projects | news.ycombinator.com | 2 Jun 2023

  • CrowdSec Engine 1.5 is officially here 🚀

    1 project | /r/CrowdSec | 24 May 2023