[CentOS] google cloud compute with PEM file
Always Learning
centos at u68.u22.net
Wed May 18 02:25:11 UTC 2016
On Tue, 2016-05-17 at 20:12 -0400, Jonathan Billings wrote:
> On May 17, 2016, at 7:56 PM, Always Learning <centos at u68.u22.net> wrote:
> > (1) I would change the port from 22 to something more difficult to
> > guess, perhaps 49026 (for example) and then block port 22 in the
> > firewall.
>
> If you’re going to change the port, change it to something <1024. You don’t want to have sshd running on a port that a non-root user can bind to.
But if, as I suggested, the enquirer restricts access to that port to
his own IP, access attempts from other IPs will fail. Ports > 1024 can
be accessed by authorised non-root users using the authorised
originating IP whilst preventing access from all other IPs.
--
Regards,
Paul.
England, EU. England's place is in the European Union.
More information about the CentOS
mailing list