Mastering OpenSSH – Part 2: How to secure OpenSSH
Now that we have installed the OpenSSH server on the Linux box and thereafter successfully connected using Putty, using SSH under Linux and using OpenSSH for Windows, we should go in this (second) part of the series on how to basically secure the OpenSSH server.
Change default port
First, we should change the port on which the server is running OpenSSH. But why? This is a classic case of security through obscurity. Theoretically this does not change the level of security. Practically, however, you can recognize that the number of attacks to the SSH server falls. This is because many attackers only scan on port 22, the default SSH port. If we change the port, we get out of the scanners scope. Sure, someone who has specifically chosen our server as an attack object, can still perform a port scan, but nevertheless it’s worth the effort, to exclude the just mentioned “haphazard” […]