Wednesday, September 29, 2010

Securing SSH on the internet - Changing listening port

By default sshd listens on port 22, and any hacker knows that. To make your server a little more obscure to hackers and their bots, simply change the port sshd uses, like so:

[red@localhost ~]$ cd /etc/ssh/
[red@localhost ssh]$ sudo cp sshd_config sshd_config.port22
[red@localhost ssh]$ sudo diff sshd_config sshd_config.port22
13c13
< Port 88
---
> #Port 22
[red@localhost ssh]$ sudo /etc/init.d/sshd restart
Stopping sshd:                                             [  OK  ]
Starting sshd:                                             [  OK  ]
[red@localhost ssh]$
[red@localhost ssh]$

OOPS! I forgot to update my port forwarding on my router at home :-O

1 comment:

  1. Interesting ... maybe the doofus that is attempting to ssh in to my system as root has read this posting. They are now varying the port to ssh into ...

    Sep 30 15:22:35 localhost sshd[11137]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.138.123.42 user=root
    Sep 30 15:22:36 localhost sshd[11137]: Failed password for root from 211.138.123.42 port 2221 ssh2
    Sep 30 15:22:36 localhost sshd[11138]: Received disconnect from 211.138.123.42: 11: Bye Bye

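An added example, not part of the original post or comment: a small parser that tallies failed sshd password attempts per remote host from log lines like those in the comment above. The first sample line is taken from the comment; the other lines, the function names and the threshold of 3 are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Matches OpenSSH "Failed password" lines. The trailing "port N" is the
# client's source port on the remote host, not the port sshd listens on.
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<rhost>\S+) port (?P<sport>\d+)"
)

# First line is from the comment above; the rest are constructed samples.
SAMPLE_LOG = """\
Sep 30 15:22:36 localhost sshd[11137]: Failed password for root from 211.138.123.42 port 2221 ssh2
Sep 30 15:22:40 localhost sshd[11140]: Failed password for root from 211.138.123.42 port 2305 ssh2
Sep 30 15:22:44 localhost sshd[11143]: Failed password for invalid user admin from 211.138.123.42 port 2388 ssh2
Sep 30 15:23:01 localhost sshd[11150]: Failed password for red from 203.0.113.7 port 51514 ssh2
Sep 30 15:23:09 localhost sshd[11152]: Accepted password for red from 203.0.113.7 port 51530 ssh2
"""


def summarize_failures(log_text):
    """Return {rhost: {"count", "users", "source_ports"}} for failed logins."""
    stats = defaultdict(lambda: {"count": 0, "users": set(), "source_ports": set()})
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if not m:
            continue  # accepted logins, PAM lines, disconnects, etc.
        entry = stats[m["rhost"]]
        entry["count"] += 1
        entry["users"].add(m["user"])
        entry["source_ports"].add(int(m["sport"]))
    return dict(stats)


def flag_hosts(stats, threshold=3):
    """Hosts at or above the failure threshold (threshold is an assumed value)."""
    return sorted(h for h, s in stats.items() if s["count"] >= threshold)


if __name__ == "__main__":
    stats = summarize_failures(SAMPLE_LOG)
    for host in flag_hosts(stats):
        s = stats[host]
        print(host, s["count"], sorted(s["users"]), sorted(s["source_ports"]))
```

Pointing `summarize_failures` at the contents of the system's sshd auth log shows whether the attempts continue after the listening port is changed.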