[CentOS] Running SSH on a different port
Kevin Krieser
k_krieser at sbcglobal.net
Sat Oct 24 14:36:37 UTC 2009
As mentioned previously, requiring certificates, and not allowing
interactive logins, is safest.
But even if you decide to allow interactive logins, there are things
you SHOULD do.
Disable admin/root login.
Update sshd so that only named users can login via SSH, all other
users that might be on the system cannot login.
Require SSH 2 as mentioned in another email.
it probably helps too if the named user isn't a "common" name, like
mark, etc, like I've seen in logs when I've perused them.
Running firewall tools that block IP addresses with several failed
attempts.
And, of course, a strong password.
I've never setup certificates for my private, personal, use to my
box. But I've disabled root login, only 1 account can connect, ssh2
is required, I don't use a "common" name,. An I have a strong password.
On Oct 24, 2009, at 7:56 AM, ML wrote:
> HI All,
>
> With my new firewall in place, it has opened my eyes to how much
> traffic gets blocked in a single day and also what are the most active
> rules. I get *a lot* of requests for port 22.
>
> How does one switch ssh ports? What is a good port to use? What
> ramifications does it have when I need to ssh in? Is it as simple as
> ssh user at hots:port?
>
> Best,
> -ML
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
More information about the CentOS
mailing list