Often it is noted that automated brute force ports tend to attack servers with ssh service on port 22. Of course it is not difficult to scan a port range and determine whether you have ssh running on another port, but usually that happens only in targeted or more sophisticated ports.
So one of the ways you can improve the security of your server is to change the default ssh port from port 22.
#grep -i port /etc/ssh/sshd_config # What ports, IPs and protocols we listen for Port 22
#grep -i port /etc/ssh/sshd_config # What ports, IPs and protocols we listen for Port 959
Restart ssh later:
#service ssh restart [ ok ] Restarting OpenBSD Secure Shell server: sshd.
Once you do this, commands like ssh-copy-id will not work unless you write it as:
ssh-copy-id -i key "[email protected] -p NewPort"
or specify port in ~/.ssh/config with: