Setup SSH to run on a non-standard port
By default OpenSSH (SSH Remote Login Protocol) server runs on tcp port 22. This is useful for a single system connected to DSL/ADSL or home internet equipments. Others cannot guess your port easily (until and unless they perform port scan). If port scan is blocked, then no one can figure it out your ssh port (again some one need to write a script to try connection at every port). This make your servers just a little more difficult to access.
Open /etc/ssh/sshd_config file and look for line Port 22 and change line to Port 2222. Restart sshd server.
Sshd is running on a non-standard port, connection attempts to the system will fail. You need to connect using following command:
$ ssh -p 2222 user@your-ip
OR
$ ssh -p 2222 user@you.homenetwork.org
Where,
- -p: Port to connect to on the remote host.
Scp also supports same option with capital letter P.
$ scp -P 2222 user@your-ip:/home/rocky/mp3/abc.mp3 /tmp
You may also be interested in other helpful articles:
- Linux / UNIX minicom Serial Communication Program
- Linux Iptables allow or open IMAP server port
- Force apache webserver to listen on all addresses except one ip address
- Lighttpd run php from different host using mod_proxy / mod_fastcgi
- Linux Iptables: How to specify a range of IP addresses or ports
Discussion on This Article:
Leave a Reply
We encourage your comments, and suggestions. But please stay on topic, be polite, and avoid spam. Thank you very much for stopping by our site!
Another *very important* thing you should do is to not allow ‘root’ login to SSH. Thus you have to login as a normal user and then ’su - root’ over if you need root access. This closes yet another avenue for an attacker to enter.
Same file as mentioned about, just make sure this line is out:
PermitRootLogin no
Restart SSHd, all set. After that, login like this:
ssh -l USER -p PORT HOSTNAME
fak3r