PSA - change your ssh port on external facing servers

If you’re running your server with MineOS on a remote network - or you expose your SSH to the internet - please change your SSH port from 22 to something else. Port 22 is the common SSH port and I have remembered and noticed again recently that you will get hundreds, if not thousands, of attempts to access your server. Simply changing the port from 22 to say 1122 or 1222 or something will stop these scripted attempts immediately.

The steps for each distro are different and you should find a guide for the distro you’re running.
I am currently testing Oracle Linux on Oracle Cloud and found that I had to change:

1) SELinux to let it know about the new port
2) sshd_config - to set the port
3) firewalld - to allow the service and remove existing service
4) Oracle cloud virtual network - created new ingress rule and removed the old

According to LiveOverflow’s video doing this is just security theatre (?) because it actually does nothing to stop an adversary from brute forcing your ssh login.

It stops the scripts from hitting your ssh port and potentially creating a DOS.
It’s better than letting it happen.

it does not hurt people are going to assume that port 22 is the port because people are lazy or don’t know to change it.

Then if you really want to lock it down then RSA keys are the way to do it that way no one is getting through except key holders.

This wasn’t a treatise for server security. It’s like part 1 of securing your server (and I am no expert), this will keep the majority of crap out of your SSH port.

You are in the right line of thinking i was agreeing with you against the other person. I am a novice myself and know enough to get myself into trouble i know probably just as much to keep me out of trouble on the flip side also.

the post is messingup sothis line is just some gibberish to fill it out hopefully so it posts.