SSH attacks are quite common if you are running SSH on Port 22. Most automated robots try to log in as root with various brute force and dictionary combinations to get access to your server. Further, these robots put a lot of load on your server with thousands of retries to break into your system. It can be prevented with simple steps. I have published the article here. Leave me feedback if my work is of any help.
Good tutorial. I also install denyhosts on my servers too. This blocks IP addresses that make repeated failed attempts to log in. Matt
A couple other things: Specify AllowUsers user@host. Allow only specific users from specific hosts, deny everyone else. Do not turn off PrivilegeSeparation and do not turn on X11Forwarding. Make sure you set password aging on user accounts that will be able to log into your server from the internet, and also lock accounts after a certain number of unsuccessful login attempts. Use TCPWrappers. There are so many other security related items that should be configured throughout a server; security is an ongoing effort. Nice tutorial.
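Added example, not part of the post above or of the tutorial: a small checker for the three sshd_config points that post lists (AllowUsers user@host, PrivilegeSeparation, X11Forwarding). It assumes the keyword spelling UsePrivilegeSeparation for the setting the post calls PrivilegeSeparation, reads only the global section before any Match block, and runs on a constructed sample config.

```python
# Constructed sample config for illustration; not taken from a real server.
SAMPLE_CONFIG = """\
# constructed sample
Port 22
AllowUsers deploy@203.0.113.10 admin
X11Forwarding yes
x11forwarding no
UsePrivilegeSeparation no
Match User backup
    X11Forwarding no
"""

def parse_global(text):
    """Return {keyword: [args]} for lines before the first Match block.
    Keywords are case-insensitive; the first occurrence of a keyword is kept."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        key, args = parts[0].lower(), parts[1:]
        if key == "match":
            break  # conditional blocks are out of scope for this check
        settings.setdefault(key, args)
    return settings

def audit(text):
    """Return a list of findings for the hardening points listed in the post."""
    s = parse_global(text)
    first = lambda k, default: (s.get(k) or [default])[0].lower()
    findings = []
    users = s.get("allowusers", [])
    if not users:
        findings.append("AllowUsers not set: logins are not limited to named users")
    for entry in users:
        if "@" not in entry:  # the post asks for the user@host form
            findings.append(f"AllowUsers entry '{entry}' is not restricted to a host")
    if first("x11forwarding", "no") == "yes":
        findings.append("X11Forwarding is turned on")
    if first("useprivilegeseparation", "yes") == "no":
        findings.append("UsePrivilegeSeparation is turned off")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print("WARN:", finding)
```
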
I like method 2, but let's say you accidentally lost your key, which is saved on your PC. What can you do? Or you screw up and have to reload the OS?
I think using method 2 (SSH Public/Private Key Authentication) is the best way to prevent brute force attacks.
If you lost the key you would have to get someone with physical access to the machine (or KVM console) to log in with the password that is still set on the account. If you also forgot that password you would need to boot in single user mode and reset the password. I would recommend not losing your key file and/or keeping a backup in a safe place.