December 26, 2005
Change sshd Port
I used the default port number 22 for sshd, and the server got lots of login attempts every day, which left thousands of lines in the daily security run output.
There are several sysctl variables related to the port range; mine differ from the default values, although I didn't modify anything.
# sysctl -a | grep portrange
net.inet.ip.portrange.lowfirst: 1023
net.inet.ip.portrange.lowlast: 600
net.inet.ip.portrange.first: 49152
net.inet.ip.portrange.last: 65535
net.inet.ip.portrange.hifirst: 49152
net.inet.ip.portrange.hilast: 65535
net.inet.ip.portrange.first and net.inet.ip.portrange.last are supposed to be 1024 and 5000 according to the FreeBSD manual. I was worried about being locked out of the box and didn't modify the sshd port.
I can't bear the annoying automated login attempts any more and decided to give it a try. It's easy to change:
Add a line in the file /etc/ssh/sshd_config:
Port 8888
Reload sshd
# /etc/rc.d/sshd reload
I opened another PuTTY client to test the login, and everything worked fine. The great thing is that the old ssh connection stays active after the sshd modification and reload, so I always have the chance to revert the configuration if it doesn't work.
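As an added example (not the post's own commands), a POSIX sh helper that makes the sshd_config edit above on a file of your choosing: it keeps a backup to revert from the still-open session, drops any uncommented Port line already present (OpenSSH listens on every Port line it finds, so leaving an active "Port 22" beside "Port 8888" would keep 22 open) and reports the ports that will be active. The config path and port are parameters, and the sample config in demo() is constructed.

```shell
#!/bin/sh
# Added example, not from the original post: rewrite the Port directive in an
# sshd_config copy so that only the new port is active, then list the effective
# ports. OpenSSH accepts several Port lines and listens on all of them, so simply
# appending "Port 8888" next to an existing uncommented "Port 22" leaves 22 open.

# Usage: set_sshd_port CONFIG_FILE PORT
# Keeps a .bak copy, drops every active Port line and appends the new one.
set_sshd_port() {
    cfg="$1"; port="$2"
    case "$port" in
        ''|*[!0-9]*) echo "invalid port: $port" >&2; return 1 ;;
    esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] \
        || { echo "port out of range: $port" >&2; return 1; }
    cp "$cfg" "$cfg.bak" || return 1
    # strip active "Port ..." lines (leading blanks allowed); commented ones stay
    awk '!/^[ \t]*Port[ \t]/' "$cfg.bak" > "$cfg" || return 1
    printf 'Port %s\n' "$port" >> "$cfg"
}

# Usage: sshd_ports CONFIG_FILE
# Prints the ports sshd would listen on (space separated); 22 if none is set.
sshd_ports() {
    ports=$(awk '$1 == "Port" { printf "%s ", $2 }' "$1")
    ports=${ports% }
    echo "${ports:-22}"
}

# Constructed sample mimicking a stock sshd_config with only a commented Port.
demo() {
    tmp=$(mktemp) || return 1
    printf '#Port 22\nProtocol 2\n' > "$tmp"
    before=$(sshd_ports "$tmp")          # 22: no active Port line, so the default
    set_sshd_port "$tmp" 8888 || return 1
    after=$(sshd_ports "$tmp")           # 8888
    rm -f "$tmp" "$tmp.bak"
    echo "before=$before after=$after"
}
```

On the real host, run `sshd -t` against the edited file before the reload step; it reports syntax errors that would otherwise only surface when sshd restarts.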
By the way, binding the ssh login to a static IP is highly recommended.
Category : Security
Posted by FreeBSD Newbie at December 26, 2005 10:00 AM
Comments
I'm also using this feature.
I also "hang" portsentry on port 22.
So all "hackers" are in my deny list after 5 attempts.
Posted by Anton Linevich at December 27, 2005 03:51 PM
I don't use portsentry. When I test the login on port 22, there is no response from my server; this should be good enough, as the client has to wait and can't easily try another login. This behavior should be caused by the sysctl configuration: http://www.freebsdblog.org/archives/2005/06/avoid_network_p.html
Posted by FreeBSD Newbie at December 27, 2005 05:07 PM
