From Arabesque, my favorite blog for Unix geeks. I always change the sshd port, so I’m delighted to read a sound argument against doing so.
From Arabesque, my favorite blog for Unix geeks. I always change the sshd port, so I’m delighted to read a sound argument against doing so.
© 2024 rc3.org
Theme by Anders Noren — Up ↑
November 21, 2012 at 12:38 pm
“This in turn means that any user can start a process listening on that port, potentially a fake sshd that steals credentials”
If you are using ssh keys (as opposed to passwords) this is not possible.
As he mentions later (for other reasons) you should be using ssh keys only and have password authentication disabled.