For Internet-connected hosts, running SSH on a different port is a really good idea since it cuts down the noise of authentication attempts from bots looking for weak passwords. Running on a different port is not a substitute for a secure configuration (ie. no root login, key-only auth) - it is purely useful in cutting down log noise.
Unfortunately you have to remember which port you chose :) To minimise the hassle you should add entries in your client /etc/ssh/ssh_config:
Host nickname
Port 43210
HostName mysshserver
User myuser
Now you can use "ssh nickname" and ssh will translate that to:
ssh -p 43210 mysshserver
No comments:
Post a Comment