Some interesting thoughts but i wouldn't buy his main argument (I've read it before). The last comment by 'Dicer; is important. Of course your sshd can be discovered (using nmap or the like) but it takes a little time. Time which is generally more profitably spent hunting down the next port 22 listener.
For the "annoying" -P problem of scp (and other progarms like rsync) which expect ssh on port 22, that's what ~/.ssh/config is for :-) See http://nerderati.com/2011/03/17/simplify-your-life-with-an-ssh-config-file/ for example. Having said that its really important to know that shifting the port is one of a number of measures, not a solution in itself - the more important being disabling root access and password authentication. Port knocking is clever .. used to do this on SA gov periphery firewalls. Haven't really bothered in recent times, but maybe something to consider in these turbulent times. Meanwhile i continue to shift my ssh port and encourage others to do the same :-) Cheers Bob On 28 September 2014 17:09, Lars Helge Øverland <larshe...@gmail.com> wrote: > "Why putting ssh on another port than 22 is a bad idea": > > > https://www.adayinthelifeof.nl/2012/03/12/why-putting-ssh-on-another-port-than-22-is-bad-idea/ > > Lars > > _______________________________________________ > Mailing list: https://launchpad.net/~dhis2-devs > Post to : dhis2-devs@lists.launchpad.net > Unsubscribe : https://launchpad.net/~dhis2-devs > More help : https://help.launchpad.net/ListHelp > >
_______________________________________________ Mailing list: https://launchpad.net/~dhis2-devs Post to : dhis2-devs@lists.launchpad.net Unsubscribe : https://launchpad.net/~dhis2-devs More help : https://help.launchpad.net/ListHelp
