Yeah, all good and nice, but as long as they are not part of all linux distributions, I will not use them. I need a ls because I know it is working on all machines that I use. Additionally, don’t forget that introducing new tools also introduces new attack surfaces, something you want to avoid on very important servers.

Yeah, I see your point. No use to repeat the same you can read in other comments or in those 274772 guides online. I was trying to imply to just generally harden ssh because then brute-force attempts should be no issue, unless you log everything and the disk space gets maxed out :D

Fml… yes, I meant CrowdSec. Thanks for the hint

• harden sshd
• use fail2ban or even better CrowdStrike CrowdSec
• use a tool like the following to have a next-gen security solution: https://github.com/mrash/fwknop