- key for ssh on port 22 is only the ssh-key difficulty
- key for ssh on unknown port is ssh-key difficulty + ssh-scan difficulty
it is an asymmetrical solution:
- for somebody with enough resources it is not much of an increase in difficulty
- for somebody with insufficient resources it is a significant increase in difficulty
so essentially, it is an effective way to fight of script kiddies without targeted interest.
it is not effective against targeted attacks - best to not have open ssh ports at all on public servers but to put them behind vpn/firewalls with ip restrictions.
- key for ssh on port 22 is only the ssh-key difficulty
- key for ssh on unknown port is ssh-key difficulty + ssh-scan difficulty
it is an asymmetrical solution:
- for somebody with enough resources it is not much of an increase in difficulty
- for somebody with insufficient resources it is a significant increase in difficulty
so essentially, it is an effective way to fight of script kiddies without targeted interest. it is not effective against targeted attacks - best to not have open ssh ports at all on public servers but to put them behind vpn/firewalls with ip restrictions.