Securing SSH access

Steve Morrey lists at
Tue Apr 22 11:55:29 MDT 2008

On Sat, Apr 5, 2008 at 7:47 AM, Hans Fugal <hans at> wrote:

> Lonnie Olson wrote:
>  I personally hate changing the port SSH listens on.  It adds great
> > complexity to day to day usage, and the benefit is small.  You either have
> > to specify the port number on every call to ssh, or add entries into your
> > ~/.ssh/config file for each host that you changed.  Really annoying.
> >
> And on each host that you use. So if you deal with 10 hosts and ssh to
> them from 5 different clients frequently... now you have 50 entries in
> .ssh/config files to deal with


Or just set it to something way off in the boonies but be consistent about
For instance almost all of my servers have SSH at 2774 which if you look at
it on a phone turns out to be 2SSH or my secondary SSH port.  How hard is it
to type ssh -luser -p2774
For the extra bonus of rarely (or never) seeing a dictionary attack I think
the extra 6 keystrokes are totally worth it.  But you do have to use
something you can remember and use it consistently


>  <> <>
> <>

More information about the PLUG mailing list