According to my memory and http://www.twuug.org/lists/twuug/2003-02/msg00714.html you should be able to set the port in the /etc/ssh/sshd_conf file.
I hope this helps.
James
Whenever I install a dual boot machine, I issue the shell command
update-rc.d ssh defaults
Now I did this on my home PC so I can ssh to it from work (b/c they block every site under the sun...). This worked well for my getting to my email, etc. But suddenly it doesn't work. I'm thinking that the IT guy got wise and blocked port 22 so I cen't ssh home. How do I use a different port?
TIA,
AJG
According to my memory and http://www.twuug.org/lists/twuug/2003-02/msg00714.html you should be able to set the port in the /etc/ssh/sshd_conf file.
I hope this helps.
James
Hi UnderScore, thanx for the input. I'll still a little confused. The link you provide says to change the part in the /etc/init.d/sshd script, but I don't see any reference to a port there.
You mentioned editting /etc/ssh/ssh_config or /etc/ssh/ssh_config. Now, if I change the port on /etc/ssh/ssh_config it seems to change the port I'm trying to connect to on the fly (ie: just edit ssh_config, save and ssh). So, am I correct in assuming that changing the port in /etc/ssh/sshd_config will alter which port others connect to my PC using ssh remotely? Well, I tried changing it and no joy! I changed the ssh port at work from 22 to 8080 and the sshd port at home from 22 to 8080 and still no joy (ie:I can still connect from home to work, but I still can't connect from work to home)!
Any more ideas would be welcome!
TIA,
AJG
Sorry. I should have chosen a better representative link.
Anyway, there should be two config files in /etc/ssh: sshd_config and ssh_config. The first one is to configure the server daemon and the second one is to configure the client.
Here is my sshd_config in full. The bolded line is the one you want.
# $OpenBSD: sshd_config,v 1.65 2003/08/28 12:54:34 markus Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.
#Port 22
Protocol 2
#ListenAddress 0.0.0.0
#ListenAddress ::
# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 768
# Logging
#obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO
# Authentication:
#LoginGraceTime 2m
#PermitRootLogin yes
#StrictModes yes
#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication no
PermitEmptyPasswords no
# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCreds yes
# Set this to 'yes' to enable PAM authentication (via challenge-response)
# and session processing. Depending on your PAM configuration, this may
# bypass the setting of 'PasswordAuthentication'
#UsePAM yes
AllowTcpForwarding yes
#GatewayPorts no
X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
PrintMotd yes
#PrintLastLog yes
#KeepAlive yes
#UseLogin no
UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression yes
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10
# no default banner path
#Banner /some/path
# override default of no subsystems
Subsystem sftp /usr/lib/misc/sftp-server
That's exactly what I did! Still no joy....
Regards,
AJG
Hmmmmm. Thats strange. I will go through the motions now ....That's exactly what I did! Still no joy....
I just booted a PC with Knoppix 3.6 with the cheatcode: knoppix 2 vga=normal
When it gives me a root prompt, I edit the /etc/ssh/sshd_config and change the Port 22 line to Port 2211. I save the changes. I start the sshd daemon with the command:Then I change the root user passwd to pentium4. I use ifconfig to find out the IP addr it was given (10.100.100.2)Code:/etc/init.d/ssh start
On my windows box I have the cygwin tools installed. I run the openssh client with the command:
I connects & asks me for the password. I type pentium4 and hit enter and I am in.Code:ssh -v -C -p 2211 root@10.100.100.2
I must ask the obvious, did you restart the sshd daemon so that it runs on the new port?Code:/etc/init.d/ssh restart
Another thing to consider is changing the forwarded port in a router you might have.
UnderScore, thanx for the input, but I did all that too!
Markus, you know I forgot to reset the port forwarding on my router at home. I think you have something there! I'll have to check that out. Now, how do I do that on my D-Link DI-604....
EDIT: OK, now I remember! Take a look at this post http://www.knoppix.net/forum/viewtop...er=asc&start=0
famous last words, huh?
TWIMC, if that's not the problem, maybe they blocked all but a few ports at my job for sshing out. Maybe I need to find the active or allowed ports? Is there such a thing as a port sniffing app in KNOPPIX?
Regards,
AJG
You could try running the sshd on common acceptable ports: http 80, https 443, 8080, ftp 21. Knoppix includes nmap for network/port scanning. Try nmap --help on the command line. I like to use nmap -sS -O -p1-1024 -vv 10.100.100.2.Maybe I need to find the active or allowed ports? Is there such a thing as a port sniffing app in knoppix?
Good luck.
Yeah, I tried 21 and 8080 yesterday, just guessing, but no joy.
OK, I just ran nmap and got on my work PC:
22/tcp open ssh
111/tcp open sunrpc
631/tcp open ipp
and on my home PC:
80/tcp open http
113/tcp clased auth
and on another server at work:
80/tcp open http
The one I use from work mostly is the one that reported 22/tcp open ssh. I can still ssh to it from home but not out from it to home. So either I have to fix the port forwarding on my router at home or nmap isn't reporting on outgoing sshd, but only for incoming ssh.
BTW, nmap reports a service for each port like http or ssh or ipp. Can I "hijack" an open port, say 80, and force a ssh service?
TIA,
AJG
Dell PowerEdge R730 2x E5-2699V3 2.3Ghz 36 Core 128GB RAM H730 X520-I350 2x750W
$329.99
Dell Poweredge R730xd LFF 14-Bay 2U Server | Choose Your CPU & RAM Config
$457.99
DELL PowerEdge R730XD Server 2x E5-2680v3 2.5GHz =24 Cores 32GB H730 4xRJ45
$271.00
Dell Poweredge R630 Server 2x E5-2620 V4 =16 Cores | S130 | 32GB RAM | 2x trays
$159.99
DELL R630 SERVER 8 x 2.5'' 2X E5-2680V4 32GB RAM IDRAC ENT & NDC 2X 495W PSU
$174.95
Dell PowerEdge R730XD 28 Core Server 2X Xeon E5-2680 V4 H730 128GB RAM No HDD
$389.99
Dell PowerEdge R630 Server 2x E5-2640v3 2.60Ghz 16-Core 64GB H330
$182.65
Dell PowerEdge M620 Blade Server 2 x Xeon e5 2665 8 x 16 GB(128) RAM - No HD
$44.99
1U Supermicro Server 10 Bay 2x Intel Xeon 3.3Ghz 8C 128GB RAM 240GB SSD 2x 10GBE
$259.00
DELL PowerEdge R630 8SFF Server 2x E5-2690v4 2.6GHz =28 Cores 256GB H730 4xRJ45
$562.00