Login Issues with Ubuntu Server 22.04 LTS on Azure: Potential Login Attempt Limits and Mitigating Brute Force Attacks

KindCompute-6524 100 Reputation points
2024-07-25T15:48:23.7533333+00:00

Does the Ubuntu Server 22.04 LTS image available during VM creation from the marketplace provided by Canonical have login attempt limitations? I set up a VM with this image but sometimes can't log in with the SSH key. My first assumption is that this OS has a login attempt limit, and when automatic bots try to brute force my VM, I'm also unable to log in for a while. Is that correct?

2 answers

  1. Dillon Silzer 57,831 Reputation points Volunteer Moderator
    2024-07-25T19:45:08.4333333+00:00

    Hi KindCompute,

    Have you checked your logs?

    The primary log file for SSH on Ubuntu is /var/log/auth.log

    Also, have you thought of securing your VM with only allowing your IP addresses to access port 22? This would stop bots or random IP addresses from being able to connect to port 22 (SSH).

    See this page for altering inbound port rules:

    https://learn.microsoft.com/en-us/azure/virtual-machines/linux-vm-connect?tabs=Linux


    If this is helpful please accept as answer or upvote.

    Best regards,

    Dillon Silzer, Director | Cloudaen.com | Cloudaen Computing Solutions

  2. Luis Arias 8,621 Reputation points Volunteer Moderator
    2024-07-25T19:52:31.1233333+00:00

    Hi KindCompute-6524,

    First, I recommend that you use a multilayered strategy for protecting virtual machines (VMs) in Azure (https://learn.microsoft.com/en-us/azure/architecture/solution-ideas/articles/multilayered-protection-azure-vm). With this architecture, user access is through Azure Bastion.

    Besides that, you can monitor the login attempts. I suggest checking this thread:

    https://learn.microsoft.com/en-us/answers/questions/23382/how-can-i-find-if-intruders-has-attacked-on-my-azu

    From the Ubuntu OS point of view, you can enable PAM and set up a maximum number of login attempts: https://askubuntu.com/questions/1467997/i-need-my-ubuntu-22-04-profiles-to-lock-after-20-unsuccessful-attempts-for-a-dur

    References:

    If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.

    Regards,

    Luis

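Both answers point at the logs (reading /var/log/auth.log, monitoring login attempts). The following is an added example, not part of either answer: a Python script that tallies failed SSH authentications per source IP and counts connections sshd dropped before authentication. The sample lines are constructed, and treating sshd's MaxStartups throttling messages as relevant to the asker's symptom is an assumption made here, not something the thread states.

```python
import re
from collections import Counter

# Constructed sample lines in the format sshd writes to /var/log/auth.log.
# IPs are from documentation ranges; none of this comes from the thread.
SAMPLE_LOG = """\
Jul 25 15:40:01 vm sshd[2101]: Invalid user admin from 203.0.113.7 port 40112
Jul 25 15:40:03 vm sshd[2101]: Failed password for invalid user admin from 203.0.113.7 port 40112 ssh2
Jul 25 15:40:05 vm sshd[2107]: Failed password for root from 203.0.113.7 port 40150 ssh2
Jul 25 15:40:06 vm sshd[2110]: Failed password for root from 198.51.100.23 port 51514 ssh2
Jul 25 15:40:07 vm sshd[988]: beginning MaxStartups throttling
Jul 25 15:40:07 vm sshd[988]: drop connection #10 from [192.0.2.50]:50022 on [10.0.0.4]:22 past MaxStartups
Jul 25 15:40:09 vm sshd[2115]: Connection closed by authenticating user root 203.0.113.7 port 40188 [preauth]
Jul 25 15:41:12 vm sshd[2130]: Accepted publickey for azureuser from 192.0.2.50 port 50100 ssh2: ED25519 SHA256:CONSTRUCTED
"""

PATTERNS = {
    # Failed auth, or a client that gave up mid-authentication. "Invalid user"
    # lines are skipped so one attempt is not counted twice.
    "failed": re.compile(
        r"sshd\[\d+\]: (?:Failed \S+ for (?:invalid user )?\S+ from"
        r"|Connection closed by (?:authenticating|invalid) user \S+)"
        r" (?P<ip>[0-9a-fA-F.:]+) port \d+"),
    # sshd refused the connection before auth because too many unauthenticated
    # sessions were open (MaxStartups); legitimate clients are hit as well.
    "dropped": re.compile(
        r"sshd\[\d+\]: drop connection #\d+ from \[(?P<ip>[^\]]+)\]:\d+ .*past MaxStartups"),
    "accepted": re.compile(r"sshd\[\d+\]: Accepted \S+ for \S+ from (?P<ip>\S+) port \d+"),
}

def summarize(lines):
    """Return {"failed"|"dropped"|"accepted": Counter keyed by source IP}."""
    counts = {name: Counter() for name in PATTERNS}
    for line in lines:
        for name, pattern in PATTERNS.items():
            m = pattern.search(line)
            if m:
                counts[name][m.group("ip")] += 1
                break
    return counts

def dropped_legit_sources(summary):
    """IPs that logged in successfully but were also dropped pre-auth."""
    return sorted(ip for ip in summary["dropped"] if ip in summary["accepted"])

if __name__ == "__main__":
    result = summarize(SAMPLE_LOG.splitlines())
    for ip, n in result["failed"].most_common():
        print(f"{n:4d} failed attempts from {ip}")
    print("known-good sources dropped by throttling:", dropped_legit_sources(result))
```

To run it against a real host, pass the lines of /var/log/auth.log to `summarize()` instead of `SAMPLE_LOG`.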
