Aktualisiert: Februar 2026
Top 100 angegriffene SSH-Benutzernamen
Die am haufigsten verwendeten Benutzernamen bei SSH-Brute-Force-Angriffen. Vermeiden Sie vorhersehbare Benutzernamen.
| # | Username | Versuche | IPs |
|---|---|---|---|
| 1 | root | 8952 | 643 |
| 2 | admin | 2552 | 276 |
| 3 | sol | 1787 | 29 |
| 4 | ubuntu | 1736 | 259 |
| 5 | solana | 1507 | 26 |
| 6 | user | 1000 | 93 |
| 7 | oracle | 994 | 288 |
| 8 | 345gs5662d34 | 812 | 390 |
| 9 | postgres | 787 | 69 |
| 10 | test | 663 | 91 |
| 11 | solv | 589 | 16 |
| 12 | claude | 511 | 344 |
| 13 | n8n | 441 | 312 |
| 14 | guest | 403 | 50 |
| 15 | mysql | 397 | 53 |
| 16 | git | 383 | 56 |
| 17 | debian | 275 | 48 |
| 18 | hadoop | 266 | 35 |
| 19 | backup | 240 | 36 |
| 20 | test1 | 214 | 20 |
| 21 | centos | 211 | 36 |
| 22 | pi | 209 | 29 |
| 23 | ftpuser | 193 | 44 |
| 24 | elastic | 185 | 27 |
| 25 | docker | 184 | 30 |
| 26 | validator | 184 | 13 |
| 27 | developer | 182 | 30 |
| 28 | administrator | 170 | 28 |
| 29 | es | 166 | 21 |
| 30 | deploy | 158 | 47 |
| 31 | nginx | 154 | 26 |
| 32 | tomcat | 143 | 25 |
| 33 | master | 141 | 19 |
| 34 | node | 139 | 17 |
| 35 | ftp | 137 | 34 |
| 36 | ec2-user | 137 | 22 |
| 37 | apache | 136 | 26 |
| 38 | ftptest | 135 | 15 |
| 39 | www | 134 | 26 |
| 40 | operator | 130 | 28 |
| 41 | nagios | 127 | 27 |
| 42 | dev | 127 | 34 |
| 43 | support | 119 | 34 |
| 44 | zabbix | 117 | 13 |
| 45 | elasticsearch | 107 | 23 |
| 46 | jenkins | 100 | 34 |
| 47 | daemon | 96 | 11 |
| 48 | dspace | 94 | 15 |
| 49 | weblogic | 91 | 20 |
| 50 | minoxidil4you | 89 | 27 |
| 51 | svn | 86 | 8 |
| 52 | www-data | 86 | 14 |
| 53 | webmaster | 78 | 11 |
| 54 | firedancer | 78 | 6 |
| 55 | odoo | 75 | 22 |
| 56 | fedora | 73 | 18 |
| 57 | redis | 73 | 14 |
| 58 | ansible | 71 | 15 |
| 59 | dixi | 69 | 64 |
| 60 | slv | 69 | 1 |
| 61 | raydium | 68 | 5 |
| 62 | x | 66 | 61 |
| 63 | lighthouse | 66 | 4 |
| 64 | search | 65 | 4 |
| 65 | gerrit | 65 | 4 |
| 66 | minecraft | 62 | 20 |
| 67 | mongodb | 62 | 9 |
| 68 | newuser | 60 | 16 |
| 69 | User-Agent: Go-http-client/1.1 | 60 | 9 |
| 70 | ubnt | 57 | 17 |
| 71 | server | 56 | 21 |
| 72 | sa | 56 | 9 |
| 73 | titu | 55 | 44 |
| 74 | mapr | 53 | 5 |
| 75 | sysadmin | 52 | 18 |
| 76 | solnode | 48 | 1 |
| 77 | ethereum | 46 | 8 |
| 78 | ps | 45 | 3 |
| 79 | httpd | 45 | 38 |
| 80 | info | 45 | 12 |
| 81 | jibs | 44 | 3 |
| 82 | iksi | 44 | 39 |
| 83 | redhat | 44 | 14 |
| 84 | a | 44 | 20 |
| 85 | 3d | 42 | 3 |
| 86 | supervisor | 42 | 17 |
| 87 | systemd | 41 | 39 |
| 88 | admin1 | 41 | 9 |
| 89 | minima | 40 | 5 |
| 90 | test2 | 37 | 17 |
| 91 | bot | 36 | 11 |
| 92 | user1 | 36 | 25 |
| 93 | deployer | 36 | 17 |
| 94 | kafka | 36 | 18 |
| 95 | nutanix | 35 | 34 |
| 96 | demo | 35 | 21 |
| 97 | vagrant | 35 | 11 |
| 98 | system | 34 | 10 |
| 99 | cexuser | 34 | 1 |
| 100 | rosa | 33 | 5 |
EMPFEHLUNGEN
- •Deaktivieren Sie die Root-Anmeldung uber SSH
- •Verwenden Sie einzigartige und unvorhersehbare Benutzernamen
- •Implementieren Sie die Public-Key-Authentifizierung
- •Konfigurieren Sie fail2ban zum Blockieren von IPs