One thought on “Don’t change sshd’s port

  1. “This in turn means that any user can start a process listening on that port, potentially a fake sshd that steals credentials”

    If you are using ssh keys (as opposed to passwords) this is not possible.

    As he mentions later (for other reasons) you should be using ssh keys only and have password authentication disabled.

Leave a Reply

Your email address will not be published. Required fields are marked *