Blog posts tagged with 'ssh':
Date: 12 Mar 2012
[ ssh ]
Hi there! This is probably one of the most visited pages of my blog, most likely because this post is very
controversial. It's also an old post, and got much feedback on the post (both negative and positive, both
constructive and not-so-much). I've decided to rewrite some of the post but left most of the arguments in tact.
However, please note that on some of these arguments i've been convinced by others that they are not good arguments,
and on some I am still not. Please read with care, but don't consider it as an absolute truth.
The basic argument I've tried to make: don't do security-through-obscurity. You may use it, but don't solely use it.
Use other - better - defences to increase your security (like pubkey authentication for instance).
I see a lot of companies and users moving their SSH port to a non-privileged port like 2222 or even 36797. People like
to move this port away in order to lower the number of attacks on the SSH port.