| 1 |
On Sunday 15 Jan 2012 14:19:07 Tanstaafl wrote: |
| 2 |
> On 2012-01-15 3:50 AM, Pandu Poluan <pandu@××××××.info> wrote: |
| 3 |
> > Well, I *always* change my sshd ports, not for added security, but |
| 4 |
> > because I'm tired of seeing failed login attempts from China. The daily |
| 5 |
> > log became *much* shorter after I moved the port somewhere else. |
| 6 |
> |
| 7 |
> That is the *only* legitimate reason (I can think of) to change the |
| 8 |
> port... but it always irks me when someone thinks they are truly gaining |
| 9 |
> any extra *security* through doing so... |
| 10 |
|
| 11 |
They are ... not at all in terms of complexity (the difficulty of cracking the |
| 12 |
ssh password remains exactly the same), but yes in terms of probability (fewer |
| 13 |
attempts to crack the password). |
| 14 |
|
| 15 |
Of course, using public keys instead of passwords improves difficulty by orders |
| 16 |
of magnitude, but for the sake of reducing bandwidth alone, I think that |
| 17 |
changing the sshd port makes sense. |
| 18 |
-- |
| 19 |
Regards, |
| 20 |
Mick |
Archives