4 Sep
2018
4 Sep
'18
1:14 p.m.
On Sep 4, 2018, at 9:06 AM, Ralph Seichter m16+tor@monksofcool.net wrote:
On 04.09.2018 14:44, Sean Brown wrote:
Using an obscure port only prevents attempts being logged, nothing else.
I cannot agree with that. What an sshd logs is not determined by the port number it is listening on, and the quantity of failed login attempts across my servers is measurably lower when using a non-standard port.
Ya, my mistake, I wasn’t clear. I don’t mean that sshd doesn’t log if it’s on a different port, I mean that only the worst bots won’t find it, cutting down on the amount of noise in the logs. If ssh is configured correctly (disable password, 2fa, keys etc.) password attempts are just noise.