Great Article on Securing SSH
- 2 Comment
Not like SSH wasn’t pretty secure before, due to encryption, but every step towards security helps.
I took note to his advice on moving SSH to a non-standard port:
Security though obscurity you scoff? Perhaps. But it’s easy, causes no inconvenience, and might just reduce the number of attacks. That sounds like a winner to me.
I have also noticed that moving SSH to a non-standard port decreasing the amount of hacking activity against SSH by almost 100%.
Also it adds another benefit: the ability to expose SSH on multiple machines that may be natted on a network and sharing a single external IP such as on a cable or dsl modem. Just give each machine you want to expose a different non-standard port to run SSH on. I would recommend a VPN over exposing SSH to the Internet, but in some cases it may be necessary as some remote locations may not allow VPN traffic leaving their networks…
Technorati Tags: SSH, security, securing, secure, list, lists, VPN, linux
2 Comments on this post
Trackbacks
-
Tim Archer said:
I had the same problem where my SSH server was getting attacked all day long. I made a simple change in just changing the port it listens on.
I did a small write on how to do this at
http://timarcher.com/?q=node/46April 10th, 2007 at 7:16 am
[...] Jon Barnhardt has some additional comments regarding moving ssh to a non-standard port. [...]