SSH Failed Login Attempts

Some Linux distributions, such as CentOS 7, will display a statistic upon logging in via SSH to alert you if there have been any failed login attempts:

There were 51 failed login attempts since the last successful login.

Unfortunately, this is considered normal. Bots are well known to scour the internet in the hope of brute forcing services such as SSH. Fortunately, there's a quick and easy solution to help protect this particular service - change the port!

The default port for Linux servers is 22, which is what such bots will typically target. 

The exact process for changing your SSH port may vary depending on your OS and configuration, however, as a general rule of thumb, open the /etc/ssh/sshd_config file, locate #Port 22 and remove the comment (#). Then, change 22 to a value of your choice (i.e. 2222) and restart SSH (typically service sshd restart will do the trick).
Was this answer helpful? 3 Users Found This Useful (7 Votes)