Log filtering at the expense of having one more thing to manage, forget, or otherwise screw-up.
Ways I've seen this go wrong:
- someone fails to copy the port while communicating it
- the new whiz-bang AI security solution detects non-standard SSH ports and "quarantines" you while you try to figure out what happened and who to talk to
- someone manually "reviews" the firewall rules and locks you out of your own boxes
- someone builds a tool that uses SSH but doesn't allow non-standard ports
This is a feature. Allowing Unfriendly AIs or incompetent morons to dictate security policy will go horribly wrong eventually; nonstandard SSH ports help make it painful for you to allow them to gain a foothold in the first place.
Turning incompetence into actual problems is not a value-add. I already know the incompetence exists, so there's no informational value, and if I were in a position to do something about it, I would have, so there's no organizational value. Just wasted time.
Ways I've seen this go wrong:
- someone fails to copy the port while communicating it
- the new whiz-bang AI security solution detects non-standard SSH ports and "quarantines" you while you try to figure out what happened and who to talk to
- someone manually "reviews" the firewall rules and locks you out of your own boxes
- someone builds a tool that uses SSH but doesn't allow non-standard ports