This is data from auth.log over a timespan of 3 days. I have since moved the ssh port form 22 to a non default one.
Posted by rundowntomato
![[OC] SSH login attempts on my home server by country](https://www.byteseu.com/wp-content/uploads/2025/10/9phmkjny78vf1-968x1536.png "[OC] SSH login attempts on my home server by country")
This is data from auth.log over a timespan of 3 days. I have since moved the ssh port form 22 to a non default one.
Posted by rundowntomato
11 Comments
I don’t know what to make of this.
No idea what any of this means
Twas I! Twas I whomst attempted the log in from Guadeloupe! And be warned mine dastardly deeds shall not end here!
Nice collection! Good call on changing ports, also if you don’t use it yet, check out fail2ban, it’s very useful.
Guys… it’s 2025. Change your ssh port for gods sake
Sweden here. We are either the good guys, or we only needed one attempt.
Why is Russia so low? I make the IT Secruity of a student network and we get tens of thousands of port sniffers from russia a day. Second is Iran with a few thousand, followed by US and China
16.000 attempts is nothing compare to a strong password.
My NAT locked connection laughs in inconvenience.
I don’t know anytging about ssh – is the country of the target relevant for the hacker? For example, can a hacker target servers in a specific country?
(Is it possible to tell which country a server is in via SSH?)
Saw something similar from my side, just ended up blocking china & russia since I have no business (ever) with those IPs, safety increased, feels good man