[c-nsp] Changing SSH Port on IOS

Charles Wyble charles at thewybles.com
Sat Mar 21 13:45:19 EDT 2009


Um..... why don't you setup some ACL to limit access? It's generally ill 
advised to run dameons with shell access directly connected to the 
internet. :)

I use OpenVPN for all my access, and only run SSH on the private 
interface. I realize this isn't always possible, but is a good solution.

Andy BIERLAIR wrote:
> I'm running s72033-ipservicesk9-mz.122-18.SXF15a with SSH on Port 22.
> 
> Due too many bots hammering that well-known port, I wanted to change it to
> something else, but somehow I can't:
> 
> Router(config)#ip ssh port
>                    ^
> % Invalid input detected at '^' marker.
> 
> Router(config)#ip ssh ?   
>   authentication-retries  Specify number of authentication retries
>   source-interface        Specify interface for source address in SSH
> connections
>   time-out                Specify SSH time-out interval
>   version                 Specify protocol version supported
> 
> #sh ip ssh
> SSH Enabled - version 1.99
> Authentication timeout: 120 secs; Authentication retries: 3
> 
> Did I miss something are is it really not possible to change the SSH port to
> something less obvious than 22?
> 
> 
> -
> Andy
> 
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> 


More information about the cisco-nsp mailing list