Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Change ssh to obscure port' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Change ssh to obscure port
Authored by: robg on Feb 11, '05 01:12:53PM

Great idea; I'll add that to the body of the main hint tonight. I thought about including the instructions to really re-map sshd's port, but that's a real pain to do (and as the other commenter noted, it can be undone by upgrades).

Thanks;
-rob.



[ Reply to This | # ]
obscure port unaffected by system updates
Authored by: gatorparrots on Feb 13, '05 02:01:11PM
I've been doing this since 10.1 (then the change was simply made in /etc/sshd_config). None of the point updates have undone this change (affected under xinetd in both /etc/services and /etc/xinetd.d/ssh. Apple has seen fit to leave those two files alone through the duration of the point upgrades (10.2-10.2.8, 10.3-10.3.8). Of course, I have done fresh installs of each of the major point releases (10.2, 10.3) and just make the SSH port change as part of my installation routine. In this case, I do indeed believe that there is a lot of peace and rest to be found in "security through obscurity." At least it keeps your server below the radar of the script kiddies and port scanner types.

[ Reply to This | # ]