[CentOS] sshd: Authentication Failures: 137 Time(s)

Tue Apr 5 09:19:05 UTC 2011
John Hodrien <J.H.Hodrien at leeds.ac.uk>

On Tue, 5 Apr 2011, Rudi Ahlers wrote:

> Why,
> We've been running SSH on hundreds of servers on a port higher than
> 5000 for year now and no problems at all.

I always feel slightly ickie about running services on ports normal users can
run on (this obviously depends a lot on who can run processes on the host).
Anything that can convince sshd to restart or crash can then potentially
nobble that port.  With an intelligent user base this is no worse than any
other man-in-the-middle attack or DoS since they'll refuse to login when the
key doesn't match.