36 hours ago
I sort of inherited an older server that has sshd on port 22 with root login permitted. You can image how full these logs are.
Since there are multiple people connecting to the server as root, all of them are authenticated using ssh key I figured that the simplest solution would be to turn on PermitRootLogin without-password.
My question is: would that stop that log overflow?
12 hours ago
No. The authentication will still be going on, but it will never succeed. If you want to avoid filling of the server log, you should go on with some reactive security, such as fail2ban.