Topic: Howto: Change Default SSH Port For Prevent Brute Force Attacks

If you activated sshd daemon in FreeBSD, you should change default ssh port, because a lot of hackers will brute force your ssh login and password. Here is a part of my log before I changed default port:

Apr 28 00:03:10 host sshd[64644]: Invalid user postgres from 77.221.156.210
Apr 28 00:19:03 host sshd[6082]: Invalid user info from 77.221.156.210
Apr 28 00:31:00 host sshd[32286]: Invalid user info1 from 77.221.156.210
Apr 28 00:42:56 host sshd[61803]: Invalid user info from 77.221.156.210
Apr 28 00:54:53 host sshd[92584]: Invalid user media from 77.221.156.210
Apr 28 01:06:48 host sshd[31386]: Invalid user user from 77.221.156.210
Apr 28 01:18:44 host sshd[66535]: Invalid user user2 from 77.221.156.210
Apr 28 01:30:41 host sshd[5128]: Invalid user user3 from 77.221.156.210

Now, open your rc.conf:

# ee /etc/rc.conf

After string sshd_enable="YES", type:

sshd_flags="-p 4422"

You can type 2244, 4444 or any other non system port.

Note: for save config file and exit from ee press ESC-a-a.

Then reboot your server or run command:

# service sshd reload

Now you can connect to your server with command:

# ssh user@example.com -p 4422

If you're using PuTTy on Windows, you can specify the port number in the profile for you connection and then re-save the profile using the new port.