[libre-riscv-dev] [Bug 131] Check out Gitea

bugzilla-daemon at libre-riscv.org bugzilla-daemon at libre-riscv.org
Mon Aug 12 12:07:37 BST 2019


--- Comment #3 from Jacob Lifshay <programmerjake at gmail.com> ---
(In reply to Luke Kenneth Casson Leighton from comment #2)
> Port 922 is deliberate, to stop automated script kiddie attacks and
> portscans.

In my experience, fail2ban is sufficient to handle the script kiddie attacks (I
used to have an ISP that didn't block incoming connections, which was nice for
running servers). gitea even has a section of the documentation dedicated to
fail2ban integration.

if they can see that we're running ssh, I wouldn't call that much of a problem
(as long as automatic updates are turned on), since we're not the only ones by
far. If you're worried about them breaking passwords, the server can be set up
to only allow authentication using ssh keys (which are generally more secure
anyway, if protected on the client computer). gitea, i would assume, supports
authentication using ssh keys, since everyone logs in using the "git" username.

You are receiving this mail because:
You are on the CC list for the bug.

More information about the libre-riscv-dev mailing list