- Mar 6, 2014
There are some cases where it's useful to run the actual SSH server on a non-standard port.This is exactly the right way to do it. If you open the standard public facing port, you will draw the incessant fire of countless Russian and Chinese hackers; even if they can't get anywhere, it's still annoying.
Also, if you're using Windows, you might take a look at "Bitvise" rather than putty. It makes handling all of this business rather simple, graphical, and intuitive.
For instance, if you:
- extensively use SFTP in a jail
- don't want your SFTP server to be constantly hammered at
- have a domain name pointing to the network where the SSH server is located
- access the SFTP server from WAN and LAN
- don't want to have separate SFTP client configs based on where you are located.
- wish to avoid configuring NAT reflection by configuring split DNS on the LAN where the SFTP server is located.