Changing the sshd port
Posted by Talal Ahmad on 26 September 2016 06:23 AM

While not a security measure, changing the port that sshd listens on can provide a few benefits. First, it requires more effort for someone to locate the port that sshd listens on. Second, it prevents the server from being overwhelmed by brute force attacks that rely on using the default sshd port of 22. Both of these things can be prevented by filtering access, but changing the port is still helpful in cases where the filter is either not enabled or misapplied.

Keep in mind that local users can use utilities such as "ss" or "netstat", or other means, to determine which ports services listen on.

NOTE: Anyone on the server can bind to ports 1024 and above. Only root can bind to ports below 1024. As such, it is imperative to use an available port below 1024, so that an unprivileged local user cannot bind to the port that sshd is expected to use.

To find a free port, start by looking for used ports:

# netstat -ntl | awk '{print $4}' | grep -v '^127\.0\.0\.1:' | awk -F: '{print $NF}' | grep '^[0-9]' | sort -n | uniq | awk '$1 < 1024'
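
The following added example (not part of the original article) goes one step beyond the used-port listing and prints the ports below 1024 that are still free. The function names and the sample netstat output are constructed for illustration, and loopback listeners are counted as used, which is stricter than the command above.

```shell
#!/bin/sh
# Added example: find unused privileged TCP ports from `netstat -ntl` output.

# Constructed sample of `netstat -ntl` output (IPv4, IPv6 and loopback).
sample_netstat() {
cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN
tcp6       0      0 :::80                   :::*                    LISTEN
tcp6       0      0 :::22                   :::*                    LISTEN
EOF
}

# used_ports: read `netstat -ntl` output on stdin and print the listening
# ports below 1024, sorted and de-duplicated. The port is taken as the text
# after the LAST colon, so IPv6 local addresses such as ":::80" are handled.
# Assumption: loopback listeners count as used, because a daemon binding to
# all addresses would collide with them.
used_ports() {
    awk '$1 ~ /^tcp/ {
             n = split($4, a, ":"); p = a[n]
             if (p ~ /^[0-9]+$/ && p + 0 < 1024) print p
         }' | sort -nu
}

# free_ports LOW HIGH: read used ports on stdin, print the unused ports
# in the inclusive range LOW..HIGH.
free_ports() {
    awk -v lo="$1" -v hi="$2" '
        { used[$1] = 1 }
        END { for (p = lo; p <= hi; p++) if (!(p in used)) print p }'
}

# Demonstration on the constructed sample: first five free privileged ports.
sample_netstat | used_ports | free_ports 1 1023 | head -n 5
```

On a live host, replace `sample_netstat` with `netstat -ntl` run as root.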