[CentOS] Running SSH on a different port

Kevin Krieser k_krieser at sbcglobal.net
Sat Oct 24 15:36:37 UTC 2009


As mentioned previously, requiring certificates, and not allowing  
interactive logins, is safest.

But even if you decide to allow interactive logins, there are things  
you SHOULD do.

Disable admin/root login.

Update sshd so that only named users can login via SSH, all other  
users that might be on the system cannot login.

Require SSH 2 as mentioned in another email.

it probably helps too if the named user isn't a "common" name, like  
mark, etc, like I've seen in logs when I've perused them.

Running firewall tools that block IP addresses with several failed  
attempts.

And, of course, a strong password.

I've never setup certificates for my private, personal, use to my  
box.  But I've disabled root login, only 1 account can connect, ssh2  
is required, I don't use a "common" name,.  An I have a strong password.

On Oct 24, 2009, at 7:56 AM, ML wrote:

> HI All,
>
> With my new firewall in place, it has opened my eyes to how much
> traffic gets blocked in a single day and also what are the most active
> rules. I get *a lot* of requests for port 22.
>
> How does one switch ssh ports? What is a good port to use? What
> ramifications does it have when I need to ssh in? Is it as simple as
> ssh user at hots:port?
>
> Best,
> -ML
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos



More information about the CentOS mailing list