[kwlug-disc] Tightening up SSH

unsolicited unsolicited at swiz.ca
Mon Jul 19 22:55:31 EDT 2010


Darcy Casselman wrote, On 07/19/2010 10:50 PM:
> On Mon, Jul 19, 2010 at 9:41 PM, unsolicited <unsolicited at swiz.ca> wrote:
>> Darcy Casselman wrote, On 07/19/2010 9:12 AM:
>>> Along with previous suggestions, I'd recommend switching to a
>>> non-standard port.  It's not really security against a determined
>>> attacker, but it cuts out 99.99% of the random Internet drive-bys.
>> Could you tell me the source of this statistic please?
> 
> Sure! I made it up.
> 
>> Save yourself the irritation. Particularly when you run into a
>> firewall that lets you talk out to known ports, but not weird ones.
> 
> No worries.  I'm not going to forget mine.  And, like Khalid said, you
> can put it in your .ssh/config

That implies one is only ever using their own equipment, to hand, to 
access their systems remotely. Part of the allure of remote access is 
remote access from anywhere, any time, from any equipment.



More information about the kwlug-disc_kwlug.org mailing list