I've been subjected to an interrupted stream of failed login attempts on port 22 (sshd) this last week that are clogging up my log files.
Turning off sshd (a.k.a. Remote Login) altogether was a half backed option as I connect remotely to my workstation, so I decided to change the default sshd port to wave off the bulk of repeated login attempts.
Editing the ssh.plist preference file
- Turn off Remote login in the Sharing Preference pane
- Open the Terminal (/Applications/Utilities/Terminal)
- Navigate to /System/Library/LaunchDaemons/
- Make a backup copy of ssh.plist
- Edit ssh.plist and replace the service name (ssh) with the port you wish to use (e.g. 22091)
- Save the changes and turn Remote login back on in the Sharing Preference pane (which restarts the ssh service with launchctl)
- Test your connection in the Terminal ssh [email protected] -p 22091 (use the port number you chose).
The following 2 occurences were changed:
[…] <key>Sockets</key> <dict> <key>Listeners</key> <dict> <key>SockServiceName</key> <string>22091</string> <key>Bonjour</key> <array> <string>22091</string> <string>sftp-ssh</string> </array> </dict> </dict> […]
You can find more information on launchd handled services on Mac OS X in the launchd.plist(5) manual.