It looks like i'm getting a dictionary attack on my system. I moved ssh to another port instead of 22 in hopes that would put a halt to it but it did not. Any recommendations to improve security here? I notice these attacks come from a variety of IP's so pursuing one individual is probably not worthwhile. [root@corona ~]# tail /var/log/secure Dec 25 17:51:09 corona sshd[24704]: Failed password for invalid user turid from ::ffff:203.115.124.116 port 38370 ssh2 Dec 25 17:51:12 corona sshd[24707]: Invalid user turnage from ::ffff:203.115.124.116 Dec 25 17:51:14 corona sshd[24707]: Failed password for invalid user turnage from ::ffff:203.115.124.116 port 38886 ssh2 Dec 25 17:51:18 corona sshd[24710]: Invalid user turnbough from ::ffff:203.115.124.116 Dec 25 17:51:20 corona sshd[24710]: Failed password for invalid user turnbough from ::ffff:203.115.124.116 port 39397 ssh2 Dec 25 17:51:22 corona sshd[24713]: Invalid user turner from ::ffff:203.115.124.116 Dec 25 17:51:25 corona sshd[24713]: Failed password for invalid user turner from ::ffff:203.115.124.116 port 40228 ssh2 Dec 25 17:51:27 corona sshd[24716]: Invalid user tursun from ::ffff:203.115.124.116 Dec 25 17:51:30 corona sshd[24716]: Failed password for invalid user tursun from ::ffff:203.115.124.116 port 40714 ssh2 Dec 25 21:20:46 corona sshd[24897]: Accepted password for root from ::ffff:10.1.1.17 port 4500 ssh2 [root@corona ~]# -- -Gerald