"joeb" <[EMAIL PROTECTED]> writes: > In FreeBSD 6.2 and older the port SSH listened on was controlled by > /etc/services. Now in 7.0 SSH no longer looks at /etc/services to find out > what port to listen on. Is this by design or error in the move to a newer > release of SSH?
I hadn't noticed that sshd had *ever* used that file for that purpose. It can be explicitly configured for a variety of address/port configurations, using the "Port" and "ListenAddress" configurations in the sshd_config file. Or overridden on the command line. I recommend you leave the services file standard and modify the config file, because that's how other admins would expect you to have done it anyway. > When it comes to security through obscurity don't be so fast to shoot it > down. On my system port 22 was receiving over 700 scans or login attempts a > day. Changing the SSH to use xx22 port stopped all the high school and > college script kiddies cold. Now I only get maybe 5 hits on my xx22 port > every 3 months. I would word it a little differently. I don't think of changing the ssh port as providing security at all: what it does is allows you to put less effort into providing (roughly) the same security. Still a desirable goal. -- Lowell Gilbert, embedded/networking software engineer, Boston area http://be-well.ilk.org/~lowell/ _______________________________________________ firstname.lastname@example.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"