Feature Request: Invalid sshd port fallback

Ron Frederick ronf at timeheart.net
Fri Jul 31 07:02:36 AEST 2015


On Jul 30, 2015, at 1:30 PM, Stop Spazzing <stopspazzing at gmail.com> wrote:
> I would like to suggest adding a fallback in the event that somehow the
> sshd_config port number is invalid.
> 
> Example:
> Port !=  (1<= or >=65535)
> 
> By default fall back to port 22, and spit out an error. Same would go for if
> the new port is already in use, fall back to port 22 and spit out an error.
> 
> Why is this a good idea? It would be a good idea because people are human and
> make mistakes, and you shouldn't have to wipe your server just because an
> invalid port was used by accident.
> 
> Why is this a bad idea? I see no reason why this would be a bad idea that I
> am aware of.


I can think of at least one reason why this is a bad idea. There are a lot of ssh port scanners out there connecting on port 22, and people often put their ssh servers on non-standard ports to reduce the amount of this sort of traffic they receive. If you think you have configured a non-standard port and happen to get it wrong, I don’t think you’d want the SSH server to start up on the default port. It would be better to let you know the port is wrong and fail to start until you fixed the problem and selected a valid non-standard port.
-- 
Ron Frederick
ronf at timeheart.net
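
The fail-closed behaviour argued for in the reply above, sketched as a pre-restart check (an added example, not part of the original thread and not OpenSSH code). The function name `check_ports` is hypothetical, the sample config is constructed, and only the whitespace-separated `Port N` form is handled.

```shell
#!/bin/sh
# check_ports FILE
# Prints every valid Port value found in an sshd_config-style file.
# Returns 1 if any Port value is not an integer in 1..65535.
# It never substitutes port 22 for a bad value: the caller must stop.
check_ports() {
    cfg=$1
    rc=0
    # "|| [ -n "$key" ]" also processes a last line with no trailing newline.
    while read -r key val rest || [ -n "$key" ]; do
        case $key in
            [Pp][Oo][Rr][Tt]) ;;      # keywords are case-insensitive
            *) continue ;;            # comments and other directives
        esac
        case $val in
            ''|*[!0-9]*) ok=no ;;     # missing or non-numeric value
            *)  # length guard keeps huge digit strings out of the comparison
                if [ "${#val}" -le 5 ] && [ "$val" -ge 1 ] && [ "$val" -le 65535 ]; then
                    ok=yes
                else
                    ok=no
                fi ;;
        esac
        if [ "$ok" = yes ]; then
            echo "$val"
        else
            echo "refusing config: invalid Port '$val' in $cfg" >&2
            rc=1
        fi
    done < "$cfg"
    return "$rc"
}

# Constructed sample: an out-of-range Port must block the restart,
# not silently turn into a listener on 22.
sample=$(mktemp)
printf 'Port 65536\n' > "$sample"
if check_ports "$sample" 2>/dev/null; then
    echo "config ok, safe to restart sshd"
else
    echo "not restarting sshd; fix the Port line first"
fi
rm -f "$sample"
```

OpenSSH's own `sshd -t` test mode validates the whole configuration file and is the check to run before restarting a real server.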





More information about the openssh-unix-dev mailing list