On Tue, 2008-04-22 at 11:55 -0600, Steve Morrey wrote: > Or just set it to something way off in the boonies but be consistent > about > it. > For instance almost all of my servers have SSH at 2774 which if you > look at > it on a phone turns out to be 2SSH or my secondary SSH port. How hard > is it > to type ssh myserver.com -luser -p2774 > For the extra bonus of rarely (or never) seeing a dictionary attack I > think > the extra 6 keystrokes are totally worth it. But you do have to use > something you can remember and use it consistently
First of all, I see tons of extra keystrokes in there. Most of the time I just type "ssh server". That's it, username is the same everywhere, and the port is always the default. It would take an additional *7* characters to change the port " -p2774", don't forget that space, it still counts. Also compare the 7 extra characters in relation to the total command. "ssh server" 10 chars vs. "ssh server -p 2774" 17 chars. Almost a 60% increase in the length of the command. To me, 60% is *not* negligible. Also consider the number of times a day I actually run ssh, about 30-60 times a day on average. It is a big deal. So I see two options to reduce the work to a one time operation: 1. setup my ~/.ssh/config file for all possible contingencies or 2. Secure my public ssh servers very carefully. I'll leave it on port 22, and just practice good security. --lonnie /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
