Roberto C Sánchez wrote: > On Sun, Jun 10, 2018 at 11:09:49AM -0000, Dan Purgert wrote: >> deloptes wrote: >> > Hi, >> > I recently get many of those, which means someone found out that ssh >> > external is on port 22222 and is trying to do some evil work there. >> > Should I worry or do something? >> >> Use key-based auth only >> Ensure root ssh login is not allowed >> Perhaps fail2ban (or equivalent) >> Perhaps forget about funny ports (as they're "security by obscurity" at >> best). >> > In the past I was of a similar opinion regarding the use of a > non-standard port for SSH. However, some of clients do this and the > main observed benefit is less noise in the logs. As long as the > administrator understands that it does not improve security, and is > willing to deal with the occasional inconvenience of an alternate port, > there is nothing really wrong with it.
Which is why I prefaced that option with "perhaps". Not that I've *never* used non-standard ports for services, but it's always with a reason (e.g. secondary service, less log noise, don't want the program to require root permissions, etc.) -- |_|O|_| Registered Linux user #585947 |_|_|O| Github: https://github.com/dpurgert |O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5 4AEE 8E11 DDF3 1279 A281