[ale] Using ~/.ssh/config Better?

James Sumners james.sumners at gmail.com
Fri Apr 22 16:00:17 EDT 2011


What's the saying? Security through obscurity is not security?
Changing the port number doesn't hide the fact that it's sshd
listening on that new port. As a test, I started sshd on port 24 in a
VM:

=========================
$ nmap -A -p 24 localhost

Starting Nmap 5.00 ( http://nmap.org ) at 2011-04-22 15:54 EDT
Interesting ports on localhost (127.0.0.1):
PORT   STATE SERVICE VERSION
24/tcp open  ssh     OpenSSH 5.5p1 Debian 6 (protocol 2.0)
|  ssh-hostkey: 1024 3c:af:bb:db:2f:87:d3:71:90:76:65:8c:ec:b6:b7:0f (DSA)
|_ 2048 db:dc:48:19:94:ab:8d:68:a8:fc:89:79:6f:cb:63:09 (RSA)
Service Info: OS: Linux
=========================

So if someone wants to scan your machine for an SSH listener they only
have to change the -p value, e.g. `nmap -A -p 1-20000 example.com`. It
might take them a while to complete that scan, but they'll find your
SSH daemon. Thus, I don't think it is worth it to move the port
number. It's one less thing for me to have to remember ("which port
did I move it to?").

If I had some sort of reason to move it then I would. Maybe my ISP
blocks 22 (which they don't) or I want to try and get around some
wi-fi pay wall. But until then, I just don't care enough.


On Fri, Apr 22, 2011 at 2:23 PM, JD <jdp at algoloma.com> wrote:
> I am sorta shocked that you use port 22, however.  I'm running Fail2Ban,
> but don't want to see any logs that aren't important so listening on a
> non-default port nearly eliminates those bogus attempts.
>
> Is there a reason to ssh listen on port 22 besides habit?
> Perhaps your firewall allows outbound connections on that port?
> Where I've worked, I always had to move my ssh listener to port 443 to
> get outside at all.  Anything that didn't go through their webproxy was
> blocked on internal desktop subnets.


-- 
James Sumners
http://james.roomfullofmirrors.com/

"All governments suffer a recurring problem: Power attracts
pathological personalities. It is not that power corrupts but that it
is magnetic to the corruptible. Such people have a tendency to become
drunk on violence, a condition to which they are quickly addicted."

Missionaria Protectiva, Text QIV (decto)
CH:D 59
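
The nmap result in the message above follows from the protocol itself: an SSH server sends an identification string (RFC 4253, section 4.2) as soon as a client connects, whatever port it is bound to. The sketch below is an added example, not part of the original post; the function names and the greeting bytes are constructed for illustration, and the listener is a local stand-in rather than a real sshd.

```python
import socket
import threading

def parse_ssh_ident(line: bytes):
    """Parse 'SSH-protoversion-softwareversion[ SP comments] CR LF' (RFC 4253 4.2)."""
    text = line.rstrip(b"\r\n").decode("ascii", "replace")
    if not text.startswith("SSH-"):
        return None
    ident, _, comments = text.partition(" ")
    parts = ident.split("-", 2)
    if len(parts) != 3 or not parts[1] or not parts[2]:
        return None
    return {"proto": parts[1], "software": parts[2], "comments": comments}

def identify(host: str, port: int, timeout: float = 3.0):
    """Return the parsed SSH identification a listener sends, or None.
    A server may send other lines before the ident line, so skip a bounded number."""
    with socket.create_connection((host, port), timeout=timeout) as s, s.makefile("rb") as f:
        for _ in range(20):
            line = f.readline(256)
            if not line:
                return None
            parsed = parse_ssh_ident(line)
            if parsed:
                return parsed
    return None

def start_constructed_listener(greeting: bytes) -> int:
    """Constructed stand-in for a daemon on an arbitrary, OS-chosen loopback port."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    def serve():
        conn, _ = srv.accept()
        with conn:
            conn.sendall(greeting)
        srv.close()
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

if __name__ == "__main__":
    # Constructed greeting: one pre-banner line, then an identification string.
    port = start_constructed_listener(b"welcome\r\nSSH-2.0-OpenSSH_5.5p1 Debian-6\r\n")
    print(port, identify("127.0.0.1", port))
```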


