by ppierald 2097 days ago
I've always advocated it (whether you call it security by obscurity or not) simply because most of the scanners will not choose to pick any other port but 22, then systems like DenyHosts will provide higher fidelity about threats and less volume to pore over. Of course, whether you are on 22, 24, 2222, or whatever, you need to properly harden your sshd with certificates, ciphers, removing the unneeded/unsafe configuration parameters, etc., otherwise it just won't matter what port you are on.

Be aware of potential security issues if you use ports greater than 1024, as those are unprivileged and any app can bind to them.

If this is a single machine that only you have access to, it may be fine. If that's not true (and it won't be if it is a machine owned by a company), then you are better off sticking with privileged ports.

Of course... just using the common ports that people often quote in the obscurity arguments. Harden first, obscure second.
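
Added example, not part of any comment in this thread: a small audit of an `sshd_config` that reports which listening ports are unprivileged (the concern raised above) and whether password logins are still enabled. The sample config, function names and messages are constructed for illustration; the sketch assumes no `Include` files or `Match` blocks and the Linux default privileged-port boundary of 1024.

```python
PRIV_LIMIT = 1024  # Linux default: binding a port below this needs root or CAP_NET_BIND_SERVICE
# Constructed sample config for illustration; not taken from the thread.
SAMPLE = """\
# moved off 22 to cut scanner noise
Port 2222
port 24
ListenAddress 10.0.0.5
ListenAddress [::1]:8022
PasswordAuthentication yes
"""

def directives(text):
    """Yield (lowercased keyword, value); sshd_config keywords are case-insensitive."""
    for raw in text.splitlines():
        parts = raw.strip().split(None, 1)
        if len(parts) == 2 and not parts[0].startswith("#"):
            yield parts[0].lower(), parts[1].strip()

def listen_ports(text):
    """Ports sshd listens on: a ListenAddress port if given, else every Port (default 22)."""
    ports, addrs = [], []
    for key, value in directives(text):
        if key == "port":
            ports.append(int(value))
        elif key == "listenaddress":
            addrs.append(value.split()[0])  # ignore an optional "rdomain" suffix
    ports = ports or [22]
    result = set() if addrs else set(ports)
    for addr in addrs:
        if addr.startswith("["):  # bracketed IPv6, optionally followed by :port
            explicit = addr.rpartition("]:")[2] if "]:" in addr else ""
        else:  # host:port; a bare IPv6 address has several colons and no port
            explicit = addr.rpartition(":")[2] if addr.count(":") == 1 else ""
        result.update([int(explicit)] if explicit else ports)
    return sorted(result)

def audit(text):
    """Return (port or keyword, message) findings for the config text."""
    findings = []
    for port in listen_ports(text):
        if port >= PRIV_LIMIT:
            findings.append((port, "unprivileged port: any local user can bind it when sshd is down"))
        elif port == 22:
            findings.append((port, "default port: expect high scanner volume"))
    # sshd uses the first value it sees for a keyword; the default is "yes"
    pw = next((v for k, v in directives(text) if k == "passwordauthentication"), "yes")
    if pw.lower() != "no":
        findings.append(("PasswordAuthentication", "password logins are enabled"))
    return findings
```

On the sample, port 24 produces no port finding, while 2222 and 8022 are reported as unprivileged.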