what about activating your ssh server only when you need it? You could even activate it via mobile phone (e.g. SMS to your box), and stop your ssh the same way.
Exotic ssh port is a very good way to avoid already a good deal of brute attempts. The ssh activation another way to make the box without attempts, but likely possible if it is for an several users such as an University, school,... 2013/11/3 FRIGN <d...@frign.de>: > On Sun, 3 Nov 2013 19:08:16 +0800 > Chris Down <ch...@chrisdown.name> wrote: > >> If you do this, you should make sure that you run on a port <1024, >> though, otherwise someone could find some way to make your daemon crash >> and masquerade as it (which is still protected a little assuming that >> your SSH host key is not readable to them, but still). > > Thanks a lot for the info! > > I always run my daemon on port 1337. > Seems like the days of "cool" port numbers are over, at least when it > comes to SSH :/. > Next up: port 666. > > Cheers > > FRIGN > > -- > FRIGN <d...@frign.de> >
