According to my memory and http://www.twuug.org/lists/twuug/2003-02/msg00714.html you should be able to set the port in the /etc/ssh/sshd_conf file.
I hope this helps.
James
Whenever I install a dual boot machine, I issue the shell command
update-rc.d ssh defaults
Now I did this on my home PC so I can ssh to it from work (b/c they block every site under the sun...). This worked well for my getting to my email, etc. But suddenly it doesn't work. I'm thinking that the IT guy got wise and blocked port 22 so I cen't ssh home. How do I use a different port?
TIA,
AJG
According to my memory and http://www.twuug.org/lists/twuug/2003-02/msg00714.html you should be able to set the port in the /etc/ssh/sshd_conf file.
I hope this helps.
James
Hi UnderScore, thanx for the input. I'll still a little confused. The link you provide says to change the part in the /etc/init.d/sshd script, but I don't see any reference to a port there.
You mentioned editting /etc/ssh/ssh_config or /etc/ssh/ssh_config. Now, if I change the port on /etc/ssh/ssh_config it seems to change the port I'm trying to connect to on the fly (ie: just edit ssh_config, save and ssh). So, am I correct in assuming that changing the port in /etc/ssh/sshd_config will alter which port others connect to my PC using ssh remotely? Well, I tried changing it and no joy! I changed the ssh port at work from 22 to 8080 and the sshd port at home from 22 to 8080 and still no joy (ie:I can still connect from home to work, but I still can't connect from work to home)!
Any more ideas would be welcome!
TIA,
AJG
Sorry. I should have chosen a better representative link.
Anyway, there should be two config files in /etc/ssh: sshd_config and ssh_config. The first one is to configure the server daemon and the second one is to configure the client.
Here is my sshd_config in full. The bolded line is the one you want.
# $OpenBSD: sshd_config,v 1.65 2003/08/28 12:54:34 markus Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.
#Port 22
Protocol 2
#ListenAddress 0.0.0.0
#ListenAddress ::
# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 768
# Logging
#obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO
# Authentication:
#LoginGraceTime 2m
#PermitRootLogin yes
#StrictModes yes
#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication no
PermitEmptyPasswords no
# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCreds yes
# Set this to 'yes' to enable PAM authentication (via challenge-response)
# and session processing. Depending on your PAM configuration, this may
# bypass the setting of 'PasswordAuthentication'
#UsePAM yes
AllowTcpForwarding yes
#GatewayPorts no
X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
PrintMotd yes
#PrintLastLog yes
#KeepAlive yes
#UseLogin no
UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression yes
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10
# no default banner path
#Banner /some/path
# override default of no subsystems
Subsystem sftp /usr/lib/misc/sftp-server
That's exactly what I did! Still no joy....
Regards,
AJG
Hmmmmm. Thats strange. I will go through the motions now ....That's exactly what I did! Still no joy....
I just booted a PC with Knoppix 3.6 with the cheatcode: knoppix 2 vga=normal
When it gives me a root prompt, I edit the /etc/ssh/sshd_config and change the Port 22 line to Port 2211. I save the changes. I start the sshd daemon with the command:Then I change the root user passwd to pentium4. I use ifconfig to find out the IP addr it was given (10.100.100.2)Code:/etc/init.d/ssh start
On my windows box I have the cygwin tools installed. I run the openssh client with the command:
I connects & asks me for the password. I type pentium4 and hit enter and I am in.Code:ssh -v -C -p 2211 root@10.100.100.2
I must ask the obvious, did you restart the sshd daemon so that it runs on the new port?Code:/etc/init.d/ssh restart
Another thing to consider is changing the forwarded port in a router you might have.
UnderScore, thanx for the input, but I did all that too!
Markus, you know I forgot to reset the port forwarding on my router at home. I think you have something there! I'll have to check that out. Now, how do I do that on my D-Link DI-604....
EDIT: OK, now I remember! Take a look at this post http://www.knoppix.net/forum/viewtop...er=asc&start=0
famous last words, huh?
TWIMC, if that's not the problem, maybe they blocked all but a few ports at my job for sshing out. Maybe I need to find the active or allowed ports? Is there such a thing as a port sniffing app in KNOPPIX?
Regards,
AJG
You could try running the sshd on common acceptable ports: http 80, https 443, 8080, ftp 21. Knoppix includes nmap for network/port scanning. Try nmap --help on the command line. I like to use nmap -sS -O -p1-1024 -vv 10.100.100.2.Maybe I need to find the active or allowed ports? Is there such a thing as a port sniffing app in knoppix?
Good luck.
Yeah, I tried 21 and 8080 yesterday, just guessing, but no joy.
OK, I just ran nmap and got on my work PC:
22/tcp open ssh
111/tcp open sunrpc
631/tcp open ipp
and on my home PC:
80/tcp open http
113/tcp clased auth
and on another server at work:
80/tcp open http
The one I use from work mostly is the one that reported 22/tcp open ssh. I can still ssh to it from home but not out from it to home. So either I have to fix the port forwarding on my router at home or nmap isn't reporting on outgoing sshd, but only for incoming ssh.
BTW, nmap reports a service for each port like http or ssh or ipp. Can I "hijack" an open port, say 80, and force a ssh service?
TIA,
AJG
1U BareMetal pfsense opnsense Router Firewall DNS Server 6x 10GB Ethernet Ports
$149.00
Australia Linux Server- 32 GB RAM + 500 HDD + 6 Core processor
$66.51
POGO Linux WEBWARE 1150 Rack-Mount Server Pentium 4 2.8GHz 512MB - No Drives
$152.99
Globalscale Technologies DreamPlug AppNeta M22 Linux Server Dual GB Ethernet
$24.99
Dell PowerEdge R210 II Rackmount Server Xeon E31220L 16Gb 1TB + 500GB LINUX 6.6
$129.00
Custom Server 15" Depth X11SSH-F E3-1270 V6 3.8Ghz 4 Core - 128GB NVME 32GB RAM
$399.00
1U 10 SFF Bay Supermicro Server X10DRW-iT 2x Xeon E5-2690 V4 128GB DDR4 RAM
$399.00
6x Fedora Linux Computer Sticker Decals Desktop Laptop Server Badge Decal Vinyl
$2.99
VPS Windows / Linux Server - 12GB RAM, 4 Core, 1 TB HD, Unltd. bandwidth 1 Year
$279.36
SQL Server 2019 Standard (10 CAL) - Windows and Linux, Physical License
$249.00