December 9, 20178 yr Hi, i would like to change SSH port. I edited it in /etc/ssh/ssh_config , but this didnt take effect.. Edited December 9, 20178 yr by nuhll
December 11, 20178 yr Yeah, sorry ssh is the neglected ugly child. There is a plugin available from Community Apps to give you control over ssh. We plan to build this into webGui itself. For now this topic was quickly becoming a flame war and has been moved to the Bilge. Please keep things friendly.
December 16, 20178 yr Changing the SSH port represents a quite tiny security improvement - security by obscurity is seldom working as expected. The main reason for changing port would be either to reduce the amount of access log entries from hostile scanning, or to allow multiple SSH servers accessible from the same IP. The main way to handle security with ssh is to make sure the list of encryption/hash/... algorithms are good, and to configure the sshd to only allow certificate-based login. If you plan on updating the webGui - will you then allow options to turn off password login and supply a means to register certificates? The same moment a scanning program gets a request to supply a certificate, it instantly goes hunting for an easier target. With a sshd allowing password login, an attacking program will instead start to work through a list of known account/password pairs.
December 16, 20178 yr 6 hours ago, pwm said: If you plan on updating the webGui - will you then allow options to turn off password login and supply a means to register certificates? That's the plan.
Archived
This topic is now archived and is closed to further replies.