When I set up my server, I decided to keep the SSH port at its default value for those three reasons:
- Worried to make the configuration file corrupted and not being able to log in anymore.
- Worried about some incompatibilities with some SSH software.
- With a port scanner it's trivial to find the new SSH
Of course I didn't leave the server in the wild with default settings:
- Access via preshared key with a long passphrase
- Configured Shorewall to slow down access to the port 22 (at most 1 request per minute)
- Set fail2ban to block access for 24 hours to who inputted the wrong password for more than three times
- Set fail2ban to send me an email in case of hacking
Recently, there was an attack from Korea with hundreds of logins.
Initially I decided to ignore the matter, then I said "Hey, changing the ssh port it's trivial!", so here is how to do that on Debian/Ubuntu:
Then change the port here:
# What ports, IPs and protocols we listen for
Then, restart the SSH daemon