

You can switch remote login on and off as you see fit, enabling or disabling SSH on port 22, and the entirely separate service defined by this procedure will work independently.
#Change username when ssh on mac plus
If all is well, you can now shut off the original port 22 service either via launchctl or by unchecking the ‘Remote Login’ box on the Sharing preference pane.īecause this process has done nothing except define a new service on a previously unused port, plus add a plist to engage ssh to handle traffic on that port, everything else continues to work as normal. Now you can grab a copy of Apple’s default ssh plist and pop it into /Library/LaunchDaemons: Sshcustomnameđ2345/tcp # SSH Remote Login Protocol Sshcustomnameđ2345/udp # SSH Remote Login Protocol Start by adding a new service to /etc/services, where you should find these lines already in the list:Įdit the file as root, and copy the ssh lines to the bottom of the file, but change the port number 22 to something else chosen from the list of unassigned ports, and created a new name for your SSH service, so it’s like so: You can move the port in just a few steps. Note that the latter does nothing to make it harder to break in via SSH, but what it does do is cut out a potentially vast number of automated attacks which simply assume that port 22 is the port to hit.

#Change username when ssh on mac mac os x
In addition to enabling the packet filter and adaptive firewall (“ Mac OS X Packet Filter and Adaptive Firewall”), you can also cut down on the number of automated brute force attacks against your machine through SSH either by shutting off remote login altogether, which may be inconvenient for administrators, or by moving all SSH traffic to a different port. Changing the port number for SSH will eliminate the set of attacks which always look for the standard port 22. If you’ve had your server switched on for more than a day or two in a major colocation facility, it’s probably already been targeted by automated attacks via SSH.
