Nov 23, 2011

Whenever you’re running your own Linux server on the internet, you will most probably require console access. The best idea is using SSH, which usually listens on port 22. After leaving your server alone for a couple of days, you will notice that /var/log/messages fills up with failed logon attempts. This shouldn’t be an issue if you follow the rules:

  • do not allow root access
  • use certificate authentication
  • alternatively use a very very strong password

But still, it’s annoying and clogs the log. Therefore I changed the port to something non-standard. This does not really secure the server against dedicated hacking attempts, but it will at least keep many automated scanners away, and they will leave you alone.

First of all you will need to change your SSHd configuration. The file is usually at /etc/ssh/sshd_config. I always use the Midnight Commander for easier editing. Find the line:

#Port 22

Uncomment it by removing the leading #. Also add another line with the port you like. Keeping both ports open for now reduces the chances of locking yourself out. You will end up with something like this:

Port 22
Port 1111

Now you need to restart the SSHd. The command depends on your Linux distro.
For CentOS: /etc/init.d/sshd restart
For Ubuntu-based distros: sudo /etc/init.d/ssh restart

You should now connect to the new SSH port. If this is working, change the config file again from within this session. Now you can comment out the old port 22, which leads to this config file:

#Port 22
Port 1111

Then restart the SSHd one last time. Afterwards, connections to port 22 should no longer be possible; only the new port should accept connections.
Of course I’m not responsible if you lock yourself out of the server 😉
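
The two-phase edit described above, as a set of shell functions with a lockout guard. This is an added example, not part of the original post; the function names are hypothetical, and the script assumes a POSIX shell and awk.

```shell
#!/bin/sh
# Added example: two-phase SSH port change (function names are hypothetical).
# After each phase: validate with `sshd -t -f FILE`, restart the SSHd, and
# keep the current session open until a login on the new port has worked.

# List the active (uncommented) Port values in FILE, space-separated.
active_ports() {
    awk 'tolower($1) == "port" { printf "%s%s", sep, $2; sep = " " }' "$1"
}

# Phase 1: turn "#Port 22" (or "Port 22") into "Port 22" plus "Port NEW".
add_port() {  # usage: add_port FILE NEW
    file=$1 new=$2
    # Reject empty, non-numeric or overlong values before comparing numbers.
    case $new in ''|*[!0-9]*|??????*) echo "invalid port: $new" >&2; return 1 ;; esac
    if [ "$new" -lt 1 ] || [ "$new" -gt 65535 ] || [ "$new" -eq 22 ]; then
        echo "port out of range or unchanged: $new" >&2; return 1
    fi
    awk -v new="$new" '
        { line = $0; sub(/^[ \t]*#?[ \t]*/, "", line); n = split(line, f) }
        !done && n == 2 && tolower(f[1]) == "port" && f[2] == "22" {
            print "Port 22"; print "Port " new; done = 1; next
        }
        { print }
        END { exit !done }   # non-zero when no Port 22 line was found
    ' "$file" > "$file.tmp" || { rm -f "$file.tmp"; return 1; }
    # Write back in place so the file keeps its owner and mode.
    cat "$file.tmp" > "$file" && rm -f "$file.tmp"
}

# Phase 2: comment out OLD, but only if another active Port line remains.
drop_port() {  # usage: drop_port FILE OLD
    file=$1 old=$2
    others=$(awk -v old="$old" \
        'tolower($1) == "port" && $2 != old { n++ } END { print n + 0 }' "$file")
    [ "$others" -gt 0 ] || { echo "refusing: $old is the only active port" >&2; return 1; }
    awk -v old="$old" \
        'tolower($1) == "port" && $2 == old { print "#" $0; next } { print }' \
        "$file" > "$file.tmp" && cat "$file.tmp" > "$file" && rm -f "$file.tmp"
}
```

Source the file, then run `add_port /etc/ssh/sshd_config 1111` for the first phase and `drop_port /etc/ssh/sshd_config 22` for the second, with 1111 being the sample port from the post.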
