[NTLUG:Discuss] SSH

Richard Cobbe cobbe at airmail.net
Fri Jan 18 21:04:12 CST 2002


Lo, on Friday, January 18, Matt Caldwell did write:

> Thanks, I just checked my services, and I was using port 22.  Port 22
> is blocked on the firewall.  So, I commented out Telnet and changed
> sshd to port 23 in my /etc/services.  Is that all I need to do, other
> than restart inetd?

I wouldn't change /etc/services like that; several other components of
the system depend on that file.  (I don't know of anything that will
definitely break, but it's still risky.)

If you're running sshd from inetd (which I've never managed to get
working myself) then edit /etc/inetd.conf and supply the -p switch to
sshd, with a port number.  (See the manpage for sshd for details.)  Edit
/etc/hosts.{allow,deny} to accept connections on the new port, and 
kill -HUP inetd to force it to reread the config file.

If you're not running sshd from inetd, it's most likely being started by
one of the scripts run at boot time---/etc/rc.d/sshd or something like
that.  Edit that to supply the -p switch to sshd and restart the
service.

In either case, you'll need to change your client to use the new port.

I'd be fairly surprised if your company blocks port 22 but allows port
23.  You may want to try some other services, like port 80 or port 443
(https).  If you're running a web server on those ports, you can play
some tricks with ipchains/ipfwadm/iptables to redirect traffic from your
office from port 80 to port 22---and you don't have to edit any of the
files above.

Richard



