Changing ports

Jeremy Fowler JFowler at westrope.com
Thu Apr 4 00:19:03 CST 2002


Well, if you run sshd from xinetd or inetd and you want to change the
port number, then yes. However, I wouldn't change the default ssh ports
from 22 in /etc/services; leave them be. Instead, add a separate service
line for ssh on whatever port you want. Call it ssh-<portnumber>.

Example /etc/services:

ssh		22/tcp				# SSH Remote Login Protocol
ssh		22/udp				# SSH Remote Login Protocol
ssh-31337	31337/tcp			# sshd on port 31337
ssh-31337	31337/udp			# sshd on port 31337

Then in /etc/xinetd.d/ (if you use xinetd; with inetd you have to edit
the inetd.conf file) create a file called ssh-<portnumber>. Here you tell
it how to load sshd.

Example /etc/xinetd.d/ssh-31337:

service ssh-31337
{
	disable	= no
	flags		= REUSE
	socket_type	= stream        
	port		= 31337
	wait		= no
	user		= root
	server		= /usr/sbin/sshd
	server_args	= -i
	log_on_failure	+= USERID
}

I prefer using xinetd to launch sshd. For starters, if you don't use
sshd all that often, there is no need to keep it resident in memory.
Second, xinetd adds extra security to sshd by being able to limit which
IP addresses are allowed to use the sshd service. Just place the IP
addresses of the machines you will be administering from in the
/etc/hosts.allow file. Make sure you have an ALL: ALL line in your
/etc/hosts.deny file to lock down sshd, and any other daemon that is
started from xinetd or inetd.

Hope this was helpful. -Jeremy

Jeremy Fowler
801 W. 47th St, Suite 500
Kansas City, MO 64112
Phone: (816) 842-8222
Fax: (816) 842-3081
jfowler at westrope.com
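
Added example, not part of the original message: a Python check that the three pieces described above agree (the default ssh entry is still 22/tcp, the ssh-<portnumber> service has a matching /etc/services port, hosts.deny holds ALL: ALL, and hosts.allow names specific clients), run on constructed file contents. The hosts.allow rule syntax, the daemon name sshd and the 192.0.2.x addresses are assumptions; the message does not give them.

```python
import re

# Constructed sample file contents laid out as in the message.
SERVICES = "ssh\t\t22/tcp\t# SSH Remote Login Protocol\nssh-31337\t31337/tcp\t# sshd on port 31337\n"
XINETD = """service ssh-31337
{
	port		= 31337
	server		= /usr/sbin/sshd
	server_args	= -i
}"""
HOSTS_ALLOW = "sshd: 192.0.2.10, 192.0.2.11\n"  # assumed daemon name and example addresses
HOSTS_DENY = "ALL: ALL\n"

def lines(text):
    # Non-empty lines with '#' comments removed.
    return [s for s in (l.split("#", 1)[0].strip() for l in text.splitlines()) if s]

def parse_services(text):
    # Map (name, proto) -> port string, e.g. ("ssh", "tcp") -> "22".
    fields = (l.split()[:2] for l in lines(text))
    return {(n, pp.split("/")[1]): pp.split("/")[0] for n, pp in fields}

def parse_xinetd(text):
    # (service name, attributes) for a file holding one service block.
    name, attrs = None, {}
    for line in lines(text):
        if line.startswith("service"):
            name = line.split()[1]
        elif "=" in line:
            key, _, value = line.partition("=")
            attrs[key.rstrip("+ \t")] = value.strip()
    return name, attrs

def wrapper_rules(text):
    # 'daemons: clients' rules as (daemon list, client list); no IPv6 handling.
    split = lambda s: re.split(r"[,\s]+", s.strip())
    return [tuple(split(p) for p in l.split(":")[:2]) for l in lines(text) if ":" in l]

def audit(services, xinetd, allow, deny, daemon="sshd"):
    problems, table = [], parse_services(services)
    name, attrs = parse_xinetd(xinetd)
    port = table.get((name, "tcp"))
    if table.get(("ssh", "tcp")) != "22":
        problems.append("default ssh 22/tcp entry changed or missing")
    if port is None or attrs.get("port", port) != port:
        problems.append(f"{name}: /etc/services and xinetd ports differ")
    if (["ALL"], ["ALL"]) not in wrapper_rules(deny):
        problems.append("hosts.deny has no ALL: ALL rule")
    allowed = [c for d, cs in wrapper_rules(allow) if daemon in d or "ALL" in d for c in cs]
    if not allowed or "ALL" in allowed:
        problems.append(f"hosts.allow does not limit clients for {daemon}")
    return problems
```

Calling audit() with the real file contents read from disk returns an empty list when the setup is consistent, otherwise one line per mismatch.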

>>> "Gene Dascher" <gedascher at multiservice.com> 04/03/02 01:41PM >>>

From:	"Gene Dascher" <gedascher at multiservice.com>
Sent:	Wednesday, April 03, 2002 1:41 PM
To:	"Kclug" <kclug at kclug.org>
Subject:	RE: Changing ports
Priority:	Normal

Then just restart the sshd daemon?  Do I have to mess with the
/etc/services file at all?

Thanks,
Gene

> -----Original Message-----
> From: owner-kclug at marauder.illiana.net 
> [mailto:owner-kclug at marauder.illiana.net]On Behalf Of Brian Densmore
> Sent: Wednesday, April 03, 2002 1:20 PM
> To: Kclug
> Subject: RE: Changing ports
>
>
> Depends. On what service you are talking about.
> For sshd:
>
> In the sshd configuration file uncomment the line
> #Port 22
>
> and change it to whatever port you want. Make sure the port isn't being
> used by some other daemon/process or sshd will complain about not being
> able to bind the port.
>
> Brian
>
> > -----Original Message-----
> > From: Gene Dascher [mailto:gedascher at multiservice.com] 
> > Sent: Wednesday, April 03, 2002 1:06 PM
> > To: Kclug
> > Subject: Changing ports
> >
> >
> > Hello all,
> > 	How difficult is it to have one of my services (let's say ssh)
> > listen on a port other than the default for that service?
> >
> > Thanks,
> > Gene