[NTLUG:Discuss] OpenSSH - Newbie Question #2
Wayne Walker
wwalker at bybent.com
Wed Jul 5 14:38:53 CDT 2006
I believe the jury is still out on this.
How: edit /etc/ssh/sshd_config, uncomment the line like:
#Port 22
and change the port number
Now restart sshd ("service sshd restart" or "/etc/init.d/sshd restart"
on most distros).
Pros:
Fewer actual attacks (assuming random programmatic attacks) because most
simple attack tools will look for ssh on port 22.
Um...that's it.
Cons:
Will not deter a determined attacker at all. Someone determined to
attack your machine will port scan it.
May lock yourself out (built in firewall rules will allow port 22
traffic usually, you now have to go specifically allow traffic on the
port your ssh is listening on).
Any time you try to connect to the machine (with sftp, ssh, scp, PuTTY,
WinSCP, ...) you have to perform whatever step is necessary to get that
tool to connect to sshd on a non-standard port.
Better practice (IMO). Spend that extra effort making sure that you
have a good system of keeping:
1. your software packages (especially ssh) up to date
2. turn off unnecessary/unused services - e.g., nfs, telnet, pop, imap
(use imaps, and pop3s) etc.
3. choose hard to guess passwords and change them occasionally.
Wayne
On Wed, Jul 05, 2006 at 02:25:26PM -0500, Bobby Sanders wrote:
> While reviewing the prior messages on this list and others dealing with
> SSH, I have noticed that everyone suggests that you change the port # for
> this service.
>
> Is this as simple as editing /etc/services or do I have to be concerned
> about changing it in a dozen other places, applications, etc.?
>
> Thanks
>
> Bobby
>
> _______________________________________________
> http://ntlug.pmichaud.com/mailman/listinfo/discuss
--
Wayne Walker
www.unwiredbuyer.com - when you just can't be by the computer
wwalker at bybent.com Do you use Linux?!
http://www.bybent.com Get Counted! http://counter.li.org/
Perl - http://www.perl.org/ Perl User Groups - http://www.pm.org/
Jabber: wwalker at jabber.gnumber.com AIM: lwwalkerbybent
IRC: wwalker on freenode.net
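
The sshd_config edit described in the reply above, as an added example that is not part of the original thread: a shell function that turns a "#Port 22" or "Port N" line into the chosen port and keeps a backup for the lock-out case. The names set_ssh_port and active_ports are hypothetical helpers, and the function collapses multiple Port lines into one.

```shell
#!/bin/sh
# Added example, not from the original post.
# set_ssh_port and active_ports are hypothetical helper names.

# Print every active (uncommented) Port value in an sshd_config-style file.
active_ports() {
    awk '/^[ \t]*Port[ \t]+[0-9]+[ \t]*$/ { print $2 }' "$1"
}

# set_ssh_port FILE PORT: replace the first "Port N" / "#Port N" line with
# "Port PORT", drop any other such lines, and keep a backup in FILE.bak.
set_ssh_port() {
    cfg=$1
    port=$2
    # Accept only a decimal integer without leading zeros, at most 65535.
    case $port in
        ''|0*|*[!0-9]*) echo "invalid port: $port" >&2; return 2 ;;
    esac
    if [ "${#port}" -gt 5 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2; return 2
    fi
    [ -f "$cfg" ] || { echo "no such file: $cfg" >&2; return 1; }
    cp -p "$cfg" "$cfg.bak" || return 1
    tmp=$(mktemp) || return 1
    awk -v port="$port" '
        { line[NR] = $0 }
        /^[ \t]*#?[ \t]*Port[ \t]+[0-9]+[ \t]*$/ {
            if (!first) first = NR      # remember where the directive lived
            drop[NR] = 1
        }
        END {
            # No Port line at all: put it first, ahead of any Match block.
            if (!first) print "Port " port
            for (i = 1; i <= NR; i++) {
                if (i == first) print "Port " port
                else if (!(i in drop)) print line[i]
            }
        }
    ' "$cfg" > "$tmp" || { rm -f "$tmp"; return 1; }
    # Overwrite in place so the file keeps its owner and mode.
    cat "$tmp" > "$cfg"
    rc=$?
    rm -f "$tmp"
    return $rc
}
```

Before restarting sshd, run "sshd -t" to check the edited file and allow the new port through the firewall. Keep the current session open until a login on the new port succeeds.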