Securing SSH --> Change ports

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



In there you are almost telling people that security through obscurity is a good way. 
That might sometimes be true but in this case it could mean that you would be handing passwords and other data out. 

When you start SSH on port 22 it is done with root privileges because the root user is the only one that can use ports below 1024. Root is the only user that can listen to that port or do something with it. If you move the port to 2222 for example you move SSH to a port that can be used with out a privileged user. This would mean I could write a script that listens to port 2222 and mimics SSH to capture the passwords. Changing the port of SSH to 2222 or anything above 1024 makes SSH less secure. Pretty ironic that this is in the "Securing SSH" chapter.  This should never be done. 

Location: http://wiki.centos.org/HowTos/Network/SecuringSSH#head-3579222198adaf43a3ecbdc438ebce74da40d8ec
username: TheodorAndresson

_______________________________________________
CentOS-docs mailing list
CentOS-docs@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos-docs




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Users]     [CentOS Virtualization]     [Linux Media]     [Asterisk]     [Netdev]     [X.org]     [Xfree86]     [Linux USB]     [Project Hail Cloud Computing]

  Powered by Linux