Comment on Do I Need to Harden SSH over Tor?
Audalin@lemmy.world 7 months ago
Disabling root login and password auth, using a non-standard port and updating regularly works for me for this exact use case.
Comment on Do I Need to Harden SSH over Tor?
Audalin@lemmy.world 7 months ago
Disabling root login and password auth, using a non-standard port and updating regularly works for me for this exact use case.
tal@lemmy.today 7 months ago
It’s really not that hard to find SSH servers running on a non-standard port.
nmapor a similar port-scanning software package can find ports listening for TCP connections. There are software packages – don’t recall names off-the-cuff, but I’m sure that you could go dig one up – that connect to ports and then aim to identify the protocol from a fingerprint out of a database that they have. The SSH protocol has a very readily-identifiable fingerprint, don’t even need specialized software.Let me just bounce to a machine as an example:
Getting6409@lemm.ee 7 months ago
I feel like the argument for using a nonstandard ssh port these days is that you dodge the low tier automation/bots that are endlessly scanning IPs and port 22 and trying obvious usernames and passwords. I do also question how much it is worth dodging these since presumably you’d have already done the other basics like key only and no root login before this. Maybe there’s some value if you want a clean auth.log or equivalent