Changing the default port of ssh is not a huge improvement in security, but I’ve found it to be a useful tool in keeping log files free from failed login attempts with username root on port 22 (and I hope you do spend the time to review your log files!). A large number of scripts run scans on the default ssh port of 22 looking for known vulnerabilities. Of course, you should keep ssh fully patched, however rapidly growing log files is a problem all its own.
One of the easiest ways to keep your log files from filling up with failed login attempts is to change the ssh port.
vi /etc/ssh/sshd_config
Update the port to a new value, such as:
Port 876
Once you’ve updated sshd, you may also which to update ssh for convenience:
vi /etc/ssh/ssh_config
Uncomment the line with Port, and set it to the same value that you set in the sshd_config file:
Port 876
Lastly, reload the sshd daemon:
/etc/init.d/ssh reload
Open a 2nd ssh session to the server to ensure everything is working.
Note:
I recommend you keep the original session open in case you get something wrong in your configuration.
