[NBLUG/talk] SSHD on a different port
Sameer Verma
sverma at sfsu.edu
Fri Sep 12 07:58:24 PDT 2008
On Thu, Sep 11, 2008 at 10:30 PM, Ron Wickersham <rjw at alembic.com> wrote:
> On Thu, 11 Sep 2008, Bob Blick wrote:
>
> ---snip---
>
>> So I find that if I change "Port 22" to something different in
>> /etc/ssh/sshd_config (this is a machine running Ubuntu server 8.04) then
>> it seems to do what I want. I can log in at that port number but not on
>> port 22. The port I've chosen is way up high, above 16000, and not used
>> by any other service.
>>
>> Am I missing anything? Are there some services that depend on sshd
>> running on port 22 that are going to bite me in the butt later on?
>
> hi Bob,
>
> nope, lots of machines have ssh on other ports as you describe with
> sshd_config. it does reduce the random login attempts that fill the
> logs with the inconvenience that you have to remember the port number
> even when stressed and you _have_ to get into the machine remotely.
I usually run sshd at port 22 but run denyhosts on each machine
instead. Denyhosts works quite well. It filters out random ssh
attempts after three failures. Just watch out for false positives.
Don't be the one who logs in thrice with wrong passwords :-)
http://denyhosts.sourceforge.net/ and http://opensource.sfsu.edu/node/122
cheers,
Sameer
--
Dr. Sameer Verma, Ph.D.
Associate Professor of Information Systems
San Francisco State University
San Francisco CA 94132 USA
http://verma.sfsu.edu/
http://opensource.sfsu.edu/
More information about the talk
mailing list