[teddyh]

Changing port is the wrong solution to large log files. This seems obvious to me, but maybe I can put forward another drawback of changing the port number: It is confusing.

I mean, you could easily stop using the DNS and use raw IP addresses for everything - this should cut down on your attacks and maybe even spam, right? Nobody does this because it it insanely inconvenient, and ignores the solution to this inconvenience which DNS is. Standardized port numbers exist for many reasons - do not abandon them and create complexity for your fellows merely for your personal convenience.

[spindritf]

> I mean, you could easily stop using the DNS and use raw IP addresses for everything - this should cut down on your attacks and maybe even spam, right?

No, it wouldn't. But you do have a point. And most sysadmins don't let just anyone axfr their zone.

Like changing the port, it's not a security measure and it will inconvenience someone every once in a while. Still, I don't need to advertise every host I run.

Same with using a PO box or your provider's info for whois. It's not going to deter anyone determined but it cuts down on some casual annoyances.

EDIT: Also, setting the port

    Host *.whatever.net
     IdentityFile ~/.ssh/whatever
     ServerAliveInterval 10
     port 17022

in ssh config costs you nothing, one more line in a config you'd have to write anyway.

[teddyh]

> it's not a security measure and it will inconvenience someone every once in a while

So why do it? And port knocking will inconvenience every user, all the time.

> setting the port in ssh config costs you nothing

It costs complexity for all users of the system. This includes you, all other people using it, all servers and their services wanting SSH access, etc. Standards are a good thing.