Re: google cloud compute with PEM file

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 2016-05-17, Always Learning <centos@xxxxxxxxxxx> wrote:
>
> (1)  I would change the port from 22 to something more difficult to
> guess, perhaps 49026 (for example) and then block port 22 in the
> firewall.
>
> (2)  Allow to port 49026 (for example) traffic from your IP and block
> traffic from all other IPs.
>
> Do not forget there are people out there desperate to get into your
> computer system, so make it more difficult for them.

If you've blocked access to the sshd port for all but whitelisted IPs,
there's little point in moving sshd to a nonstandard port.  If you want
defense in depth, use the cloud firewall, the host firewall, and
something like sshguard, and just leave sshd on port 22.

--keith

-- 
kkeller@xxxxxxxxxxxxxxxxxxxxxxxxxx


_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux