04-12-2012 07:36 AM
I want to change ssh port from the default port 22 to another port number so it will make it hard for hackers to get to my server. I am aware of the following information about ports:
Well Known Ports (0 - 1023) and we can't use
Registered Ports (1024 - 49151) We should avoid them as well
Dynamic or Private Ports (49152 - 65535) These are the ports we can use after we made sure they are not in use
So is it as simple as finding a port that is not in use and assigning it to ssh by viewing the sshd_config file, changing the port number and restarting secsh?
04-12-2012 07:50 AM
Solution
In a nutshell -- Yes.
As far as your comments regarding the "well known" and "registered" ports -- I don't know about the statement that they should be avoided. You can use any port you want as long as it is not already in use on your server.
However, running SSH on a port other than 22 is "security through obscurity." Its effectiveness is questionable. If someone is doing a targeted attack on SSH they will typically try port 22 first. However, attacks typically start via a port scan to see what ports on a server are open. Depending on the ports they scan (only the first 1024 vs. all ports) the port you choose will show up in the scan. It is possible that the purpose of the port would be misidentified initially, but if an attacker starts going through all possible attacks they will figure out that it is SSH eventually.
The other part of this equation is the location of this server. Is it visible to the general Internet? If so, I would not run anything on it other than what is absolutely necessary. I don't think I would run SSH on an Internet-facing server.
04-12-2012 08:38 AM
Re: Changing ssh port from the default port to a new one
So just to be 100% sure: once I vi the "sshd_config" file, change the line #Port 22, uncomment it and add Port xxxx, save the file and restart it, I should be able to start using that port for ssh going forward?
04-12-2012 08:48 AM - edited 04-12-2012 08:50 AM
Re: Changing ssh port from the default port to a new one
@Ray Bell wrote: So just to be 100% sure: once I vi the "sshd_config" file, change the line #Port 22, uncomment it and add Port xxxx, save the file and restart it, I should be able to start using that port for ssh going forward?
That's correct.
However, Patrick's point about "security through obscurity" is very valid. What this change is most likely to do is annoy people who use ssh legitimately while being only a very minor speed bump to malicious types. nmap has no problems identifying sshd running on nonstandard ports.
Kris Knigga
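An added example, not part of the thread: the port check and `sshd_config` edit discussed above, written as shell functions. The sample config, the netstat lines, port 50022 and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example; the sample sshd_config and netstat text are constructed.
# port_in_use PORT < netstat-output: succeeds if a TCP listener holds PORT.
# Accepts both "*.22" and "0.0.0.0:22" local-address styles.
port_in_use() {
    awk -v p="$1" '
        /LISTEN/ { n = split($4, a, /[.:]/); if (a[n] == p) found = 1 }
        END { exit (found ? 0 : 1) }'
}

# set_sshd_port CONFIG PORT: leave exactly one global "Port PORT" line.
set_sshd_port() {
    cfg=$1 port=$2
    case $port in ''|*[!0-9]*) echo "not a number: $port" >&2; return 2 ;; esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "out of range: $port" >&2; return 2; }
    cp -p "$cfg" "$cfg.bak" || return 1        # rollback copy
    awk -v p="$port" '
        { k = tolower($1) }
        k == "match" {                          # Port must precede Match blocks
            if (!done) { print "Port " p; done = 1 }
            inmatch = 1
        }
        !inmatch && (k == "port" || k == "#port") && $2 ~ /^[0-9]+$/ {
            if (!done) { print "Port " p; done = 1 }
            next                                # each extra active Port adds a listener
        }
        { print }
        END { if (!done) print "Port " p }
    ' "$cfg.bak" > "$cfg"
}

demo_dir=$(mktemp -d)
cat > "$demo_dir/sshd_config" <<'EOF'
# constructed sample
#Port 22
PermitRootLogin no
Match User backup
    X11Forwarding no
EOF
cat > "$demo_dir/netstat.txt" <<'EOF'
tcp        0      0  *.22                   *.*                     LISTEN
tcp        0      0  *.2049                 *.*                     LISTEN
EOF
new_port=50022
if port_in_use "$new_port" < "$demo_dir/netstat.txt"; then
    echo "port $new_port is already in use" >&2
else
    set_sshd_port "$demo_dir/sshd_config" "$new_port" && grep -n '^Port' "$demo_dir/sshd_config"
fi
```

On the real host, check the edited file with `sshd -t -f <config>` before restarting secsh, and keep the current session open until a login on the new port succeeds.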
04-12-2012 11:31 AM
Re: Changing ssh port from the default port to a new one
Most automated and brute force attacks on ssh probe port 22/tcp.
If you just "move the goal posts" to, say, 2022/tcp, it will reduce the number of hits.
Of course, a determined attacker will port scan your entire port range 1-65536 and then attempt to identify what services you are running on your active ports.
A neat technique to make it harder for the attacker is to use "port knocking".
This means that to access your chosen ssh port (let's say 2022/tcp), you first have to connect to (then close) 4 other ports in the right sequence to open access to 2022/tcp.
http://en.wikipedia.org/wiki/Port_knocking
See also: http://wiki.clug.org.za/wiki/Defending_Against_Brute_Force_SSH_Attacks
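An added example, not part of the post above: the gatekeeping logic of port knocking, evaluated over a constructed connection log. The knock sequence, the 10-second window, the 30-second grant and the log format are assumptions; 2022/tcp is the port used in the post.

```shell
#!/bin/sh
# Added example; the knock sequence, timings and log lines are constructed.
# knock_filter "P1 P2 P3 P4" WINDOW GRANT < log
# Log lines are "<epoch> <src-ip> <dst-port>". Prints ALLOW or DROP for every
# connection to the SSH port (2022/tcp here).
knock_filter() {
    awk -v seq="$1" -v window="$2" -v grant="$3" -v ssh=2022 '
        BEGIN { n = split(seq, want, " ") }
        $3 == ssh {
            ok = (($2 in granted) && $1 - granted[$2] <= grant)
            print $2, (ok ? "ALLOW" : "DROP")
            next
        }
        {
            src = $2
            # A sequence that takes longer than the window starts over.
            if (pos[src] > 0 && $1 - first[src] > window) pos[src] = 0
            if ($3 == want[pos[src] + 1]) {
                if (pos[src] == 0) first[src] = $1
                pos[src]++
            } else if ($3 == want[1]) {      # wrong port, but a valid first knock
                pos[src] = 1; first[src] = $1
            } else {
                pos[src] = 0                 # wrong port: progress is lost
            }
            if (pos[src] == n) { granted[src] = $1; pos[src] = 0 }
        }'
}

# Constructed log: 203.0.113.9 sweeps ports in ascending order,
# 198.51.100.7 knocks in the configured order and connects twice.
sample_log() {
cat <<'EOF'
100 203.0.113.9 7000
101 203.0.113.9 7500
102 203.0.113.9 8000
103 203.0.113.9 2022
110 198.51.100.7 7000
111 198.51.100.7 9000
112 198.51.100.7 8000
113 198.51.100.7 7500
114 198.51.100.7 2022
200 198.51.100.7 2022
EOF
}
sample_log | knock_filter "7000 9000 8000 7500" 10 30
```

The ascending sweep never completes the out-of-order sequence, and the second connection from the legitimate client is dropped because the grant has expired.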