Blog posts tagged with 'ssh':



Why putting SSH on another port than 22 is bad idea

Date: 12 Mar 2012
Tags: [ ssh

Hi there! This is probably one of the most visited pages of my blog, most likely because this post is very controversial. It's also an old post, and got much feedback on the post (both negative and positive, both constructive and not-so-much). I've decided to rewrite some of the post but left most of the arguments in tact. However, please note that on some of these arguments i've been convinced by others that they are not good arguments, and on some I am still not. Please read with care, but don't consider it as an absolute truth.
The basic argument I've tried to make: don't do security-through-obscurity. You may use it, but don't solely use it. Use other - better - defences to increase your security (like pubkey authentication for instance).

I see a lot of companies and users moving their SSH port to a non-privileged port like 2222 or even 36797. People like to move this port away in order to lower the number of attacks on the SSH port.

Read more...