-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SSH, Avoiding Default Port #63
Comments
If they scan for open ports they will still find it open. I don't know how much value there is in hiding the port. Something like a port knocker might help. |
@imthenachoman, |
@iyesin If you specify a port below 1024 you prevent unprivileged processes from binding to it and impersonating it. |
@iyesin: Indeed - but it's worth noting that things like moving the ssh port is perhaps best presented as a way to reduce computational load and annoying messages |
I can sure, with own exp, using ssh default port (22), on some VPS's you will automatic get bots bruteforcing the 22 port .... Same way if you want use default port. disable passwords authentication and set a ssh keyfile ;) https://gist.github.com/hellresistor/108d965b32a907558ed101e9a0f4326c |
On the SSH server config, it is always a good practice to change the TCP port value from 22 to a random one (example 6222).
This will help avoid bad actors randomly scanning for open default ports.
Then the new SSH port should be allowed in through UFW.
The text was updated successfully, but these errors were encountered: