Often it is noted that automated brute force ports tend to attack servers with ssh service on port 22. Of course it is not difficult to scan a port range and determine whether you have ssh running on another port, but usually that happens only in targeted or more sophisticated ports.
So one of the ways you can improve the security of your server is to change the default ssh port from port 22.
#grep -i port /etc/ssh/sshd_config # What ports, IPs and protocols we listen for Port 22
#grep -i port /etc/ssh/sshd_config # What ports, IPs and protocols we listen for Port 959
Restart ssh later:
#service ssh restart [ ok ] Restarting OpenBSD Secure Shell server: sshd.
Once you do this, commands like ssh-copy-id will not work unless you write it as:
ssh-copy-id -i key "[email protected] -p NewPort"
or specify port in ~/.ssh/config with:
Joel G Mathew, known in tech circles by the pseudonym Droidzone, is an opensource and programming enthusiast.
His favorite pastime is grappling with GNU compilers, discovering newer Linux secrets, writing scripts, hacking roms, and programs (nothing illegal), reading, blogging. and testing out the latest gadgets.
When away from the tech world, Dr Joel G. Mathew is a practising ENT Surgeon, busy with surgeries and clinical practise.