Any Linux expert here? Does https://github.com/btcpayserver/btcpayserver/issues/245 seem like good advice? No idea if this is the best practice.
@NicolasDorier fail2ban works well, might make sense to add ufw and move SSH to a custom port (some high number) and maybe add port knocking for good measure.
@NicolasDorier For a "typical" user maybe haha
@NicolasDorier I install it everywhere. Not a substitute for strong password, but keeps the logs cleaner. It's a win IMO.
@face thanks, I will do this then.
@NicolasDorier not an expert. I would say not a priority since most people use high-entropy ssh-keygen key pairs nowadays
@seoulben problem is that the one-click deploy of BTCPay uses a user-defined password.
@seoulben I can't expect the users of btcpay to know about linux so...
@NicolasDorier @seoulben It might be safer to randomly generate a password for them and insist they write it down. Or, if you're already having them backup a seed, you could generate the password from some HD path in there. Best of all would be if you generate an ssh key pair for them as part of the setup and lock out passwords (again, maybe deriving the key pair from an HD seed so they have only a single recovery value).
However, I can customize the startup script on the provisioned VM. If I do that, my only issue with this is that I don't know then how I can send the password to the user!
@NicolasDorier @seoulben Maybe the regular web password reset mechanism, where you send them a password reset link via email with a unique random token embedded in the URL, they visit the URL (maybe enter their user-selected password for security) and are provided the new secure password secured by TLS?
Another idea is simply to generate the SSH private key, let BTCPay know about it. Then in BTCPay interface, having a page for the admin to know about it.
This actually makes the UX of BTCPay better, for some actions.
@NicolasDorier yes, limiting failed login attempts is a good security practice. Not sure if it's within the scope of the project though, but I'll leave that to you.
@NicolasDorier there is also sshguard, which serves the same purpose but with a slightly different approach
@leshik I decided to go for the long-term solution of no password and an auto-generated private key that I give to the user via BTCPay. Best for UX, and secure against brute force.