SSH through port forwarding

Chad Perrin perrin at
Fri Dec 28 09:17:37 PST 2007

On Tue, Dec 18, 2007 at 05:44:11AM -0500, Gerard Seibert wrote:
> > On December 18, 2007 at 12:47AM sham khalil wrote:
> > 
> > once you open port 22 to public ip, you'll get people try to bruteforce your
> > machine.
> > if you don't want that set sshd to listen to a higher number like 5522
> > then forward port 5522 from the router to the internal machines.
> > 
> > unfortunately for wrt54g, you can't forward port 5522 to 22 for internal
> > machine.
> Security through obscurity is a poor substitute for security. Port scanners
> will eventually find that port also.

One needs something else for security against brute-force attempts, but
changing the port number does help cut down on the amount of bandwidth
consumption on the LAN side of your router by allowing the router to
ignore/deny all incoming traffic on port 22.

CCD CopyWrite Chad Perrin [ ]
Marvin Minsky: "It's just incredible that a trillion-synapse computer could
actually spend Saturday afternoon watching a football game."

More information about the freebsd-questions mailing list