On Fri, Jan 24, 2025 at 12:17 PM Lester Petrie <lmpetrie@xxxxxxxxxxxxx> wrote: > > > On 1/24/2025 12:03 PM, Chris Adams wrote: > > Once upon a time, Lester Petrie <lmpetrie@xxxxxxxxxxxxx> said: > >> I have a NAS I wish to change the ssh port from 22 to something > >> else. How do I go about selecting a good port number? > > > > If it's IPv4 and exposed to the Internet, moving to a different port > > isn't really doesn't do much to secure it; it's not all that hard to > > scan for SSH on any port (and people do, and it will be found). If it's > > not exposed... why move it? It just makes an extra hassle when > > connecting. > > > > Basically, moving known services to alternate ports is rarely a good or > > useful idea. > > I am pretty sure my router is blocking the access, but it records the > attempts in its log. Probably 98-99 percent of the log is these > attempts. I want to see what happens to the log if I change the port. > Since I am the only one who should be accessing the NAS with ssh, and > that is very rarely, I don't mind the extra hassle. Typically what you do in this case is use NAT to map an external port, like 222, to an internal host and port, like myhost.home.arpa:22. The mapping occurs on your router. I use a similar strategy to allow others to test on my internal network. Ports 1520 through 1535 on my router map to different hosts on my internal network, but SSH runs on port 22 on each of the internal hosts. Jeff -- _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
