[ubuntu-uk] SSH question

Stephen Hildrey steve at uptime.org.uk
Sat Jan 12 17:34:48 GMT 2008

Tom Bamford wrote:
> I don't bother changing the server port for sshd, it's security
> through obscurity.

There's nothing wrong with using obscurity to achieve enhanced defence
in depth; running ssh on a non-standard port raises the bar enough to
thwart most automated, background noise brute-force attacks.

Sure, if somebody is determined to attack you specifically, they'll find
the non-standard SSH port eventually, but if you're worried about
targeted exploitation attempts on your machines then you'll make sure
you're also running firewalls, tcp wrappers and AllowUsers/AllowGroups.

> there's no way they'll get in unless you have a seriously crap
> password.

That's a great strategy until the next time we see something like these:


and the masses start writing scripts to find boxes running vulnerable
SSH daemons. Guess which port they'll try to connect to?
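The hardening the reply lists (non-standard port, AllowUsers/AllowGroups, tcp wrappers) is easy to intend and easy to leave half-done, so here is a small POSIX shell check that reads an sshd_config and reports which of those points hold. This is an added example written for this page, not code from either poster or from OpenSSH; the sample configs it creates are constructed, and the hosts.allow argument is an assumed, optional convention of the script.

```shell
#!/bin/sh
# Added example (not from the thread): report whether an sshd_config carries the
# hardening points the reply mentions. Sample configs below are constructed.

# sshd_get FILE DIRECTIVE: print the effective value of a top-level directive.
# sshd honours the first occurrence of a keyword, keywords are case-insensitive,
# and values inside a Match block only apply conditionally, so parsing stops there.
sshd_get() {
    key=$(printf '%s' "$2" | tr 'A-Z' 'a-z')
    awk -v key="$key" '
        /^[[:space:]]*#/ { next }              # comment line
        NF == 0 { next }                       # blank line
        tolower($1) == "match" { exit }        # conditional section: stop
        tolower($1) == key { print $2; exit }  # first match wins
    ' "$1"
}

# check_sshd_hardening FILE [HOSTS_ALLOW]: one line per finding, returns 0 only
# if the port is non-default and AllowUsers/AllowGroups restrict logins.
# The optional second file is a tcp-wrappers hosts.allow to look for an sshd rule in.
check_sshd_hardening() {
    cfg=$1
    rc=0
    port=$(sshd_get "$cfg" Port)
    [ -z "$port" ] && port=22                  # sshd default when unset
    if [ "$port" = "22" ]; then
        echo "WARN: sshd listens on the default port 22"
        rc=1
    else
        echo "OK:   sshd listens on port $port"
    fi
    if [ -z "$(sshd_get "$cfg" AllowUsers)" ] && [ -z "$(sshd_get "$cfg" AllowGroups)" ]; then
        echo "WARN: no AllowUsers/AllowGroups restriction, every account may try to log in"
        rc=1
    else
        echo "OK:   logins restricted by AllowUsers/AllowGroups"
    fi
    if [ -n "$2" ]; then
        if grep -qi '^[[:space:]]*sshd[[:space:]]*:' "$2" 2>/dev/null; then
            echo "OK:   tcp wrappers rule for sshd present in $2"
        else
            echo "INFO: no sshd rule in $2 (tcp wrappers not restricting ssh)"
        fi
    fi
    return $rc
}

# Constructed samples: a stock-looking config and one hardened as the reply suggests.
weak_cfg=$(mktemp)
hard_cfg=$(mktemp)
cat > "$weak_cfg" <<'EOF'
# constructed sample: defaults left in place
#Port 22
PermitRootLogin yes
EOF
cat > "$hard_cfg" <<'EOF'
# constructed sample: non-standard port, group restriction
Port 2222
AllowGroups sshusers
Match User backup
    AllowUsers backup
EOF

echo "== weak config =="
check_sshd_hardening "$weak_cfg" || echo "-> weak config needs work"
echo "== hardened config =="
check_sshd_hardening "$hard_cfg" && echo "-> hardened config passes"
rm -f "$weak_cfg" "$hard_cfg"
```

The parser deliberately stops at the first `Match` line: the `AllowUsers backup` inside the constructed hardened sample applies only to that user and must not count as a global restriction. On current OpenSSH, `sshd -T` prints the effective configuration and is the authoritative way to confirm what the daemon actually loaded; the script above is only a quick read of the file.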


