Re: Feature Request: Invalid sshd port fallback

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



I see your point and that makes valid sense;I even change default port.

"It would be better to let you know the port is wrong and fail to start
until you fixed the problem and selected a valid non-standard port."

Is there any reason something like this isn't implemented already? Could it
be implemented?

On Thu, Jul 30, 2015 at 2:02 PM Ron Frederick <ronf@xxxxxxxxxxxxx> wrote:

> On Jul 30, 2015, at 1:30 PM, Stop Spazzing <stopspazzing@xxxxxxxxx> wrote:
>
> I would like to suggest adding a fallback in the event that somehow the
> sshd_config port number is invalid.
>
> Example:
> Port !=  (1<= or >=65535)
>
> By default fall by to port 22, and spit out an error. Same would go for if
> the new port is already in use, fall back to port 22 and spit out an error.
>
> Why is this a good idea? Would be a good idea because people are human and
> make mistakes, and you shouldn't have to wipe your server just because an
> invalid port was used by accident.
>
> Why is this a bad idea? I see no reason why this would be a bad idea that I
> am aware of.
>
>
> I can think of at least one reason why this is a bad idea. There are a lot
> of ssh port scanners out there connecting on port 22, and people often put
> their ssh servers on non-standard ports to reduce the amount of this sort
> of traffic they receive. If you think you have configured a non-standard
> port and happen to get it wrong, I don’t think you’d want the SSH server to
> start up on the default port. It would be better to let you know the port
> is wrong and fail to start until you fixed the problem and selected a valid
> non-standard port.
>
> --
> Ron Frederick
> ronf@xxxxxxxxxxxxx
>
>
>
>
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux