1 |
On Sunday 15 Jan 2012 14:19:07 Tanstaafl wrote: |
2 |
> On 2012-01-15 3:50 AM, Pandu Poluan <pandu@××××××.info> wrote: |
3 |
> > Well, I *always* change my sshd ports, not for added security, but |
4 |
> > because I'm tired of seeing failed login attempts from China. The daily |
5 |
> > log became *much* shorter after I moved the port somewhere else. |
6 |
> |
7 |
> That is the *only* legitimate reason (I can think of) to change the |
8 |
> port... but it always irks me when someone thinks they are truly gaining |
9 |
> any extra *security* through doing so... |
10 |
|
11 |
They are ... not at all in terms of complexity (the difficulty of cracking the |
12 |
ssh password remains exactly the same), but yes in terms of probability (fewer |
13 |
attempts to crack the password). |
14 |
|
15 |
Of course, using public keys instead of passwords improves difficulty by orders |
16 |
of magnitude, but for the sake of reducing bandwidth alone, I think that |
17 |
changing the sshd port makes sense. |
18 |
-- |
19 |
Regards, |
20 |
Mick |