>buy cheap o*h vps. >by finishing a purchase a vps with debian (my choice) starts up

>buy cheap o*h vps
>by finishing a purchase a vps with debian (my choice) starts up
>it has a public IPV4 with openssh sshd on default port running
>password auth is enabled
>log shows bots attack immediately
So far so stupid.
>go to control panel
>reinstall vps with a default ssh key you can add to the control panel
>can log in with ssh key
So far so good.
>password auth is still enabled
>edit sshd_config
>change ssh port
>make sure it says "PasswordAuthentication no"
My vps is literally Fort Knox now.
>password auth still works
WHAT THE FRICK

Some google searches later it turned out that 50-cloud-init.conf in sshd_config.d contains "PasswordAuthentication yes" and is loaded after the main config file.

Why do they do this? They even have a shitty javascript KVM, which should allow morons to get access to their system even if they can't figure out how to create ssh keys.

A Conspiracy Theorist Is Talking Shirt $21.68

Thalidomide Vintage Ad Shirt $22.14

A Conspiracy Theorist Is Talking Shirt $21.68

  1. 1 month ago
    Anonymous

    frick that, demand a refund and tell them their vpses are all vulnerable. plenty of VPS vendors out there. also sex with noa.

    • 1 month ago
      Anonymous

      It was the first google result and it was cheap. I only wanted to test something anyway.
      But this shocked me, especially that they provide setup with a pre-configured ssh key, but still enabled password auth. I'm not even a security focused person.

      • 1 month ago
        Anonymous

        >bindly follows first google result
        >gets israeliteed
        skill issue detected

  2. 1 month ago
    Anonymous

    No one is going to mitm you.

    Bots trying to guess your passwd is just going to cost you a couple cycles unless you reuse passwords.

  3. 1 month ago
    Anonymous

    [...]

    >nooooooo stop posting anime on an anime website
    frick off back to facebook where your kind belongs

  4. 1 month ago
    Anonymous

    Think of buying from places like ovh and online.net as at your own risk. I've been using them for years and as long as you never need support you're going to love it. The minute you need support you will be filled with rage. Just keep in mind it's up to you to fix up everything how you want it.

    • 1 month ago
      Anonymous

      That is one thing. But the default config is automatically online, so there's a short time window in which it's up to the provider.

  5. 1 month ago
    Anonymous

    [...]

    Don't care about your moronic stats. Get back to /r/eddit, it's still an anime website

    • 1 month ago
      Anonymous

      Used to be, but 41% of you necked yourself, just like you inevitably will, pedo.

      • 1 month ago
        Anonymous

        >more buzzwords
        Keep your blood pressure in check zoomie

    • 1 month ago
      Anonymous

      >tranime homosexual in denial

      • 1 month ago
        Anonymous

        >newbie that got lost on his way to his

        [...]

        hugbox

        • 1 month ago
          Anonymous

          Go back to your containment thread, pedophile piece of trash.

          • 1 month ago
            Anonymous

            I'm not a pedo and I'll shit up any thread I want. It's the true spirit of this website. You know, the anime website.

          • 1 month ago
            Anonymous

            >tranime website
            Delusion is a symptom of a pedophile troony

            [...]

            Go back. You are not welcome.

          • 1 month ago
            Anonymous

            I've been on this website since 2005. I found it through an anime fansub IRC channel. I'm not going back to anywhere, newbie.

  6. 1 month ago
    Anonymous

    [...]

    Some of us remember the reason why this website was started in the first place. We were here before you 2016 election tourists. We will be here when you finally croak like the decrepit wrinkled fricking boomers you are. Die slow grandpa.

    • 1 month ago
      Anonymous

      >Die slow grandpa.
      Die quick, troony.

      • 1 month ago
        Anonymous

        I'm not a troony, get back to that old c**t you call a wife before she nags you for spending your time arguing with the young whipper snappers on the internet again. What are you like 55 or something? Lmao I bet your dick don't work anymore.

        • 1 month ago
          Anonymous

          troony hands posted this

          • 1 month ago
            Anonymous

            Whatever you say mr. viagra cialis

  7. 1 month ago
    Anonymous

    The problem is the moronic design of ssh.

    Needing to exchange the SSH certificate across the web is fricking moronic. Put TLS support in SSH already you fricking imcompetents.

  8. 1 month ago
    Anonymous

    systemctl restart sshd

    • 1 month ago
      Anonymous

      That wasn't the problem. I changed the ssh port successfully. It was just that unexpected other config file, which overrode the password auth setting.

  9. 1 month ago
    Anonymous

    some thing tells me the anime shit is just one anon samegayging to pump the thread hoping for a good discussion but there will be none because all the cool anons alr left this place to the mercy of helpdesk pajeets long ago

Your email address will not be published. Required fields are marked *