SSH configuration trick to add more security.
You already know that SSH uses port 22 by default for connections to the server. So anybody (a hacker) can try that same port to connect to the server. But what if he or she doesn't know the SSH port? Then, of course, he or she has to put in a lot of effort to identify the port number before connecting.
So here is a practical way of adding more security to the server by changing the default port in the SSH configuration. This does not replace strong authentication, since a scan of every port will still find the service, but it keeps the server out of reach of attempts aimed only at port 22.
1. First, we try to connect on the default port 22.
[root@kalwa1 ~]# ssh manmohan@192.168.216.130
Red Hat Enterprise Linux Server release 6.2 (Santiago)
Kernel \\r on an \\m \\d
manmohan@192.168.216.130's password:
Last login: Sun Jun 28 02:43:07 2015 from kalwa1.home.com
2. Now let's change the port number in the SSH configuration in order to add more security.
- Log in as root
3. Edit the file /etc/ssh/sshd_config: first uncomment the Port entry (remove the leading #), then change the port number to 2222:
vi /etc/ssh/sshd_config
Port 2222
---------------------------------------
[root@kalwa1 ~]# cat /etc/ssh/sshd_config|grep -i port
Port 2222
4. Now restart the sshd service so that the changes made to the SSH configuration in the steps above take effect.
[root@kalwa1 ~]# service sshd restart
Stopping sshd: [ OK ]
Starting sshd: [ OK ]
[root@kalwa1 ~]#
5. Now if you try to connect on the default port, it won't connect. The system gives a connection refused error, as below:
[root@kalwa1 ~]# ssh manmohan@192.168.216.130
ssh: connect to host 192.168.216.130 port 22: Connection refused
[root@kalwa1 ~]#
6. So from now on you have to specify port 2222 when connecting with the ssh command or with PuTTY:
[root@kalwa1 ~]# ssh manmohan@192.168.216.130 -p 2222
Red Hat Enterprise Linux Server release 6.2 (Santiago)
Kernel \\r on an \\m \\d
manmohan@192.168.216.130's password:
Last login: Sun Jun 28 02:43:12 2015 from kalwa1.home.com
[manmohan@kalwa1 ~]$
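
Steps 3 and 4 as a script, an added example that is not part of the original post: it sets the port in whatever sshd_config file it is given, keeps a backup, and lists the ports sshd will really listen on (the grep -i port check in step 3 also matches commented lines and options such as GatewayPorts). The function names and the sample file contents are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the original post. Works on the path it is given,
# so it can be rehearsed on a copy before touching /etc/ssh/sshd_config.

# listen_ports FILE: print every active Port value, one per line.
# sshd listens on all of them; with none set it falls back to 22.
listen_ports() {
    awk 'tolower($1) == "port" { print $2; found = 1 }
         END { if (!found) print 22 }' "$1"
}

# set_port FILE PORT: make PORT the only listening port, keeping FILE.bak.
set_port() {
    file=$1 port=$2
    case $port in
        ''|*[!0-9]*|??????*) echo "invalid port: $port" >&2; return 2 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2; return 2
    fi
    cp -p "$file" "$file.bak" || return 1
    awk -v port="$port" '
        # The first "Port" or "#Port" line becomes the new setting.
        !done && tolower($1) ~ /^#?port$/ { print "Port " port; done = 1; next }
        # Any other active Port line would open a second listener: disable it.
        tolower($1) == "port" { print "#" $0; next }
        # Port is a global option, so it has to come before any Match block.
        !done && tolower($1) == "match" { print "Port " port; done = 1 }
        { print }
        END { if (!done) print "Port " port }
    ' "$file.bak" > "$file" || { cp -p "$file.bak" "$file"; return 1; }
}

# Demo on a constructed sample file (not a real server's configuration).
demo=$(mktemp)
printf '%s\n' '#Port 22' '#AddressFamily any' 'GatewayPorts no' \
    'Match User manmohan' '    X11Forwarding no' > "$demo"
listen_ports "$demo"                  # nothing uncommented yet
set_port "$demo" 2222 && listen_ports "$demo"
rm -f "$demo" "$demo.bak"
```

On the real server, run set_port /etc/ssh/sshd_config 2222, then sshd -t to syntax-check the file, then service sshd restart, and keep the existing session open until a login on the new port succeeds. If SELinux is enforcing or iptables filters inbound traffic, port 2222 has to be allowed there as well.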