<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<font face="Arial">Hi Jonathan<br>
<br>
I would strongly advise against *ever* using password based SSH
authentication - even if using fail2ban I would not expose a
server to the Internet without public key authentication enabled
(and password authentication disabled).<br>
<br>
More info available here:
<a class="moz-txt-link-freetext" href="https://macnugget.org/projects/publickeys/">https://macnugget.org/projects/publickeys/</a><br>
</font>
<div class="moz-signature">
<font style="font-family: Arial;" face="Arial" size="2">
<br>
<font color="7b7979" size="2"><b>George Mason</b></font><b><br>
<font color="62a1d6" size="2">Technical Director</font></b>
<br>
<br>
<table border="0">
<tbody>
<tr>
<td valign="middle" width="235"><a
href="http://www.xoomtalk.com" target="_blank"><img
src="cid:part1.09070607.01070006@xoomtalk.com"
border="0" width="225"></a> </td>
<td><font style="font-family: Arial;" font="" face="Arial"
color="#7b7979" size="2"><b> Tel:<br>
Mob:<br>
Fax:<br>
Web:</b> </font></td>
<td><font style="font-family: Arial;" face="Arial"
color="#62a1d6" size="2"> +44 (0)1273 900090<br>
+44 (0)7966 403353<br>
+44 (0)1273 900091<br>
<a style="text-decoration:none; color:#62a1d6"
href="http://www.xoomtalk.com/" target="_blank">www.xoomtalk.com</a>
</font></td>
</tr>
</tbody>
</table>
</font></div>
<div class="moz-cite-prefix">On 20/04/2016 18:00, Jonathan Yue
wrote:<br>
</div>
<blockquote
cite="mid:emdb500ebb-e8e5-47f6-85ce-7433fb6108b8@asus-x553m"
type="cite">
<div>It's the ssh access that was hacked. I suddenly noticed an
established ssh connection from Asia. since I disabled root
login in ssh right after install, the hacker must somehow have
got my login password. in a haste, I reverted the VM to a
previous snapshot, so I can't analyze how hacking happened now.</div>
</blockquote>
<br>
</body>
</html>