Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

my ec2 (ubuntu-20.04) instnace having abusive attack in an intermittent manner

0

few days back my instance have got an abusive attack, I have taken security measures, but this time again it happend. also i don't know how automatically ssh-key removed from authorized_key file, and another key have taken place, each time my instance showing "server key refused" when trying to ssh into it using putty.

any help will be appreciated.

Topics
Compute
Tags
Amazon EC2
Language
English
asked 4 years ago300 views
1 Answer
0

A security best practice is to limit the CIDR that you can access port 22 on. See https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/authorizing-access-to-an-instance.html

Alternatively, and current best practice, you can use Systems Manager Session Manager, where access is managed through IAM: https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager.html

AWS
answered 4 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content