Sshd: Difference between revisions
From Hackepedia
(No edit summary on either revision.)

Line 1, old revision:
The server [[daemon]] of the [[ssh]] implementation. This daemon listens on [[port]] 22

Line 1, new revision:
The server [[daemon]] of the [[ssh]] implementation. This daemon listens on [[port]] 22 by default. Some admins change the port if they believe in [[security by obscurity]]. The difficulty is that you would then also have to change the daemon banner that sshd returns for this to be really useful. [http://www.monkey.org/~provos/scanssh/ scanssh] is based on this concept.
 # nc mail.yashy.com 22
 Trying 206.248.137.44...
 Connected to mail.yashy.com.
 Escape character is '^]'.
 SSH-2.0-OpenSSH_3.8.1p1 YashSSHD-20051225
As you can see, the banner has been modified in this example, but it is still quite obvious what this daemon is for unless you remove "SSH" from the banner.
If you only connect to your sshd via a few different shell accounts, you should configure your [[firewall]] to only allow access to your sshd port via the IP(s) of those shells.
You might also look into [http://www.portknocking.org/ port knocking] if you run an sshd you're trying to conceal.
Revision as of 20:17, 26 October 2005
The server daemon of the ssh implementation. This daemon listens on port 22 by default. Some admins change the port if they believe in security by obscurity. The difficulty is that you would then also have to change the daemon banner that sshd returns for this to be really useful. scanssh is based on this concept.
 # nc mail.yashy.com 22
 Trying 206.248.137.44...
 Connected to mail.yashy.com.
 Escape character is '^]'.
 SSH-2.0-OpenSSH_3.8.1p1 YashSSHD-20051225
As you can see, the banner has been modified in this example, but it is still quite obvious what this daemon is for unless you remove "SSH" from the banner.
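As an added illustration of what a banner change can and cannot hide (example code written for this page; it is not part of Hackepedia, the wiki's original text, or OpenSSH): RFC 4253 fixes the "SSH-protoversion-" prefix of the identification line, so a client that does not see it will not speak SSH to the socket at all, and only the software version and the optional comment after it are the administrator's to change. The parser below splits the banner quoted above into its three fields and shows that the software-version field still names the implementation; build_banner is a reconstruction of how a version addendum is appended (current OpenSSH releases expose this as the VersionAddendum option), not OpenSSH's own code. All banners in SAMPLE_BANNERS are constructed except the one quoted on this page.

```python
import re
from dataclasses import dataclass
from typing import Optional

# RFC 4253, section 4.2: the identification string a server sends is
#     SSH-protoversion-softwareversion SP comments CR LF
# "SSH-" and protoversion are fixed by the protocol. Only softwareversion and
# the optional comments field are under the administrator's control.
# The regex is slightly looser than the RFC (it tolerates '-' inside
# softwareversion) because several real implementations send one there.
_IDENT_RE = re.compile(
    r"^SSH-(?P<proto>\d+\.\d+)-(?P<software>[\x21-\x7e]+)"
    r"(?: (?P<comments>[\x20-\x7e]*))?\r?\n?$"
)


@dataclass
class SshBanner:
    protoversion: str        # fixed by the protocol
    softwareversion: str     # admin-controlled, but usually names the implementation
    comments: Optional[str]  # admin-controlled free text (None when absent)


def parse_banner(line: str) -> Optional[SshBanner]:
    """Split one identification line into its fields; None if it is not an SSH banner."""
    m = _IDENT_RE.match(line)
    if m is None:
        return None
    return SshBanner(m["proto"], m["software"], m["comments"])


def implementation_of(line: str) -> str:
    """Return the implementation name the banner still announces, or 'not-ssh'.

    Whatever is appended after the version, the softwareversion field itself
    (the part before the first underscore) usually still identifies the server.
    """
    banner = parse_banner(line)
    if banner is None:
        return "not-ssh"
    return banner.softwareversion.split("_", 1)[0]


def build_banner(softwareversion: str, addendum: str = "") -> str:
    """Compose a server identification line the way a version addendum is applied.

    Reconstruction for this example (assumption, not OpenSSH code): the addendum
    is appended after a single space, i.e. it lands in the comments field.
    """
    line = f"SSH-2.0-{softwareversion}"
    if addendum:
        line += f" {addendum}"
    return line


# Constructed sample lines: the first is the banner quoted on this page, the
# others are made up to show the boundaries of what can be rewritten.
SAMPLE_BANNERS = [
    "SSH-2.0-OpenSSH_3.8.1p1 YashSSHD-20051225",  # comment added, still OpenSSH
    "SSH-2.0-OpenSSH_9.6",                        # stock banner, no comment
    "SSH-2.0-YashSSHD-20051225",                  # version field rewritten
    "YashSSHD-20051225",                          # 'SSH-2.0-' removed: not a banner
]

if __name__ == "__main__":
    for line in SAMPLE_BANNERS:
        print(f"{line!r:50} -> {implementation_of(line)}")
```

Running the block prints each sample banner next to the implementation it still reveals; the last line, with the protocol prefix stripped, is simply not an SSH banner, which is why the "remove SSH from the banner" option above is not available to an administrator who still wants clients to connect.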
If you only connect to your sshd via a few different shell accounts, you should configure your firewall to only allow access to your sshd port via the IP(s) of those shells.
You might also look into port knocking if you run an sshd you're trying to conceal.