[CentOS] google cloud compute with PEM file

Always Learning centos at u68.u22.net
Wed May 18 02:25:11 UTC 2016

On Tue, 2016-05-17 at 20:12 -0400, Jonathan Billings wrote:

> On May 17, 2016, at 7:56 PM, Always Learning <centos at u68.u22.net> wrote:
> > (1)  I would change the port from 22 to something more difficult to
> > guess, perhaps 49026 (for example) and then block port 22 in the
> > firewall.
> If you’re going to change the port, change it to something <1024.  You don’t want to have sshd running on a port that a non-root user can bind to.

But if, as I suggested, the enquirer restricts access to that port to
his own IP, access attempts from other IPs will fail. Ports > 1024 can
be accessed by authorised non-root users using the authorised
originating IP whilst preventing access from all other IPs.


England, EU.      England's place is in the European Union.

More information about the CentOS mailing list