To me, the nonstandard port is mostly nice for reducing log spam from scripts. The risk is that using a nonstandard port lulls one into a false sense of security and into overlooking good sshd practices. Good sshd practices will prevent the script-kiddies just as well as the non-standard port, while a non-standard port will not challenge a targeted attack. And, if you interact with multiple servers, it can be inconvenient to remember a different port for each one.
Comment on Notes on full disk encryption on a Hetzner cloud VPS
john_t@piefed.ee 20 hours ago
Am I the only one using a random 5 digit port for ssh? Why use the default port 22? It’s just saving time for an attacker.
tburkhol@lemmy.world 17 hours ago
ShortN0te@lemmy.ml 13 hours ago
The whole port range can be scanned in under a second. A real attack does not care if your ssh port is 22 or 69420. Changing the port is just snake oil.
frongt@lemmy.zip 8 hours ago
It can be scanned, but definitely not under a second.
ShortN0te@lemmy.ml 5 hours ago
Yes, it is called multithreading. Just one example: github.com/BrandonBerne/masscan
irmadlad@lemmy.world 11 hours ago
I use nonstandard ports for just about everything such as Docker containers, including ssh. However, modern bots are quite capable of scanning your server for vulnerabilities, CVEs, zero days, and SSH. A nonstandard SSH port does reduce noise a bit but isn’t a reliable defense against scanners.