In the past recent days, I noticed an automated brute force attempt to login into my server via SSH. The default port for SSH is port 22 and having an online server exposes you into an automated attacks. One way to prevent or limit this type of attack is by changing the default SSH port.
You can change the default ssh port by editing the sshd configuration file.
sudo nano /etc/ssh/sshd_config
Find the line that say
#Port. Remove the # symbol and set the port number you prefer.
Refer to the image below as reference.
After you change the SSH port you can now login from the terminal like this.
ssh -p 34092 [email protected]
Transfer files using scp with capital -P as parameter
scp -P 34092 file.txt [email protected]:file.txt
After changing the default SSH port I don’t have any brute force login attempts as of this writing. Of course we will need to actively monitor our server for any attacks and take necessary actions.
It is important that we secure our online Linux servers by having latest security patch installed,
firewall enable and uninstall unnecessary softwares. I am not a cybersecurity expert but I think taking the basic security measures will improve our chances against online attacks.