SSH FTP security question

[Squirrel Meat]

How secure is it? I set one up on my computer because I have a file manager app on android that can access cloud storage and network storage (even remote) and its something that I use all the time. I have it set up with my main computer account and a 1024 bit hex encryption key.

The thing that worries me is that it keeps a log of all my connections and activities and it seems that someone else it trying REALLY hard to get it using login names like 'root' and 'android' and the like. Its not letting them in but its a daily thing and it kinda has me worried. Is the encryption key enough?

[Nick_B]

How secure is it? I set one up on my computer because I have a file manager app on android that can access cloud storage and network storage (even remote) and its something that I use all the time. I have it set up with my main computer account and a 1024 bit hex encryption key.

The thing that worries me is that it keeps a log of all my connections and activities and it seems that someone else it trying REALLY hard to get it using login names like 'root' and 'android' and the like. Its not letting them in but its a daily thing and it kinda has me worried. Is the encryption key enough?

Port 22 is constantly scanned and attacked. It's pretty common to see failed login attempts with common user names.

Are you using the key to authenticate or a password (or a passworded key)? Even passworded SSH is pretty secure. If yours requires a 1024 bit key to auth, it's not going to get busted by brute force.

Think about this: a 1024 bit key has more than 1.5 * 10^308 different possible combinations. Now look at how many failed login attempts you are seeing and how much smaller a number it is. If you are authenticating by password, this exercise is probably not as comforting, but as long as you choose a long password without dictionary words, it would be difficult to break.

Just make sure the server software you are using doesn't have any known vulnerabilities, and you should be fine.