Reasoning

I’ll just start this post with stating that I’m not doing this with malicious intents, nor am I going to use this for other purposes than learning, or advise using this on servers others than your own. That being said, let’s get down to business.

Why an SSH brute-forcer?

Because too many people are still using password authentication with weak passwords. There are still many servers with sshd open with the default port exposed to internet, using accounts with weak passwords. Have a RaspberryPi? Put it on the Internet! Just take a look over Shodan’s raspbian with port 22 query. It’s crazy. We’re kinda fighting fire with fire.

We’ll be using Let’s Encrypt in order to obtain and use - in a web server, for example - an SSL certificate for our domain.

Let’s Encrypt is a free, automated, and open certificate authority brought to you by the non-profit Internet Security Research Group (ISRG).

This will be done through certbot. Setting it up is as trivial as cloning the Git repository and running the certbot-auto file. Initial set-up¹ is left as an exercise for the reader.

The filesystem table, or more commonly known as fstab or /etc/fstab, is a system configuration file, which is parsed by mount during boot, and misconfiguration or typos can render the system somewhat unusable.

By default on Debian and Ubuntu systems, the root partition has the errors=remount-ro option set, which indicates that if the mount encounters any error, it should only remount the partition as read-only, to prevent damage. In that case, for example, many applications will stop working, unexpected behaviour will be present, among other issues.