Changing ssh port?

Similar Messages

• Changing SSH port in Cisco switches

  Hello everyone 
  I have switches with different platforms 2950 , 3750 , 3560  ...... I want to change the port of SSH , but the command ip ssh port not found ... be informed that the IOS is ipservice type for layer 3 switches

  Sorry but you cannot change the port (tcp/22) used by ssh on Cisco switches.
  The best practices for securing it it include:
  - enforce ssh version 2,
  - apply an access-list to your vty lines,
  - set a timeout and retry lockout, and
  - possibly control plane policing.

• How to change the default SSH port on Cat 6500 WS-SUP720-3B

  I have been net searching this question and I find answers relative to other Cisco products but not for the 6500 series. We are running
  entservicesk9_wan-mz.122-18.SXF17a.bin and would like to know how to change the default SSH listening port..
  Thanks in advance..

  Hi Neil,
  Normally this is achieved via the "ip ssh port rotary " but unfortunately, this command is not implemented on your platform so ssh will only work on port 22.
  Regards,
  Nicolas

• How to Change the Default SSH Port from Terminal ?

  How to Change the Default SSH Port from Terminal ?

  How to Change the Default SSH Port from Terminal ?
  now showing default SSH Port 22 i need change it pls help me how can do

• How to Change the Default SSH Port from Terminal ? now showing default SSH Port 22 i need change it pls help me how can do

  How to Change the Default SSH Port from Terminal ?
  now showing default SSH Port 22 i need change it pls help me how can do

  How to Change the Default SSH Port from Terminal ?
  now showing default SSH Port 22 i need change it pls help me how can do

• Changing default SSH port 22

  I am interested in making my computer more secure. I have my computer set up as a web server and also have FTP and Remote Access services enabled. Last week I had a security breach. Someone had placed a folder in my web directory which basically spoofed the eBay login page. I have since disabled FTP and Remote Access services. After doing so, there have been no more intrusions to date.
  Since this incident I have been conducting research on the Web about tightening up security on my home computer. One of things suggested is changing the default port for SSH. What is the process involved in changing the port?
  Any assistance is appreciated.
  Roland

  The default port numbers of the services stands in the file /etc/services. When you activate an service such as ssh, the service bind the port number, which stands in these file and listen at this port.
  You could change the portnumber with: sudo vi /etc/services.
  When you make changes in these file, is it better, when you comment the default entries and make new entries with your portnumbers.

• How do I change the SSH port in OS X 10.6?

  How do I change the SSH port in OS X 10.6?
  I added three additional Port options to my /etc/sshd_config. I have the same configuration. I restarted my Mac, but I can't access the Mac over the new ports. Running nmap shows no additional open ports.
  I have the same configuration on my linux server, so I'm pretty sure, the syntax is right.
  I didn't find anything in the documentation or here in the discussion group, so please help. Thanks

  Thanks, it took me some minutes to adapt, but it did solve my problem.
  My bad, I only searched in the "server product groups"... :-/

• IOS Zone firewall (ZFW) & changing SSH listening port

  I'll have to check into the deetails again but I recall there being a way to change the listening port for SSH.  Not only do you have to configure SSH itself to listen on a new port but I think there was something about making the inbound interface part of a rotary group or something. 
  Anyway, my question is more about how the zone firewall reacts to this.  If I have inspect set for SSH, (or pass) and yet change the default port for it, does the IOS still know to take the configured action on the protocol?  I'll try to test this myself once I have an opportunity but may not be able to for several days, plus if anybody has anything further to add regarding any other implications this port change mgiht have, please share
  Thanks! 

  Hi Julio,
  You are ever helpful sir Howver, things are not making sense.
  Ok so to take it from the top. So far I have done the following:
  Router(config)#ip ssh port 2340 rotary 1
  Then:
  Router(config)#line vty 0 123 (123 = max # of vty lines, my actual # is different)
  Router(config-line)#rotary 1
  This of course does not make SSH on port 2340 work from the Internet zone to Self as I have not yet modified the firewall nor done the ip port-map command. It does work from the LAN side to Self since that zone-pair is more forgiving, however, it works on both 22 and 2340 which I thought odd since I thought the ip ssh command changes the SSH server listening port.
  I have not yet permanently set the ip port-map command. However I ran it once and then did a sh ip port-map ssh
  This showed system defined ssh port maps for tcp and udp on 22, and then my user defined one for tcp port 2340. Interesting that the system-defined ones are both UDP and TCP - I thought SSH was TCP only.
  According to the IOS command referendces (for release 15.2), I should not be able to remove the system-defined port map entries as it would give an error. However, I did no ip port-map ssh port tcp 22 and the same for the UDP entry and they disappeared - so now for sh ip port-map ssh I get no results returned. Yet, SSH still works on 22 and 2340.
  Be that as it may, after some further testing I've concluded that with or without use of the ip port-map ssh port tcp 2340 entry, SSH works (from LAN to Self) on either port 22 or 2340. It seems ip port-map has no effect on the SSH server itself (?). Or perhaps PAM is overridden by the ip ssh commands?
  So at that point I decided to stop testing, not doing anything with firewall yet, until I understand things better. So far, the IOS is very confusing in it's behavior.
  Changing the SSH server's listening port via ip ssh command to something other than 22 seems to not actually change anything, it just adds that port in addition to 22.
  Port-application mapping appears to have no effect on the SSH server (I have not tested whether ip ssh overrides PAM or vice versa)
  So far there seems to be no way to actually change port 22 usage - even "deleting" the PAM entry for ssh via 22 has no effect.
  Confusing!

• Changing listening port for SSH on IDS

  What command would I use to change the listening port on a 4200 series IDS? I have it listening on another port, and when I applied the S189/S190 update, it changed SSH back to port 22.
  Just out of curiosity too, does anyone know what else the S189/S190 updates change?
  Thanks,
  Jim

  After looking around, I think it may be the /etc/ssh/sshd_config file that needs to be modified. However, I wanted to double check that with the community. If I modify that file and restart ssh, will I mess anything up and lock myself out of remote access?
  Thanks!!

• SSH change default port via ssh.plist

  I have to change SSH default port on Snow Leopard server. There's a hint that works with my home snow leopard but don't work on server why?
  This method edit ssh.plist
  <key>Sockets</key>
  <dict>
          <key>Listeners</key>
          <dict>
                  <key>SockServiceName</key>
                  <string>ssh</string>
                  <key>Bonjour</key>
                  <array>
                          <string>ssh</string>
                          <string>sftp-ssh</string>
                  </array>
          </dict>
          <key>Listeners2</key>
          <dict>
                  <key>SockServiceName</key>
                  <string>22022</string>
          </dict>
  </dict>

  Right after the IP Address, I enter a colon followed by the port to which I'm connecting. This works great. I also downloaded an application called CoRD which works really well.
  As an aside I have to say that I'm disappointed at the Apple community for not responding to this post. I'm a long time Windows user (since there was a Windows) and I've always had posts in the Windows Forums answered within 24 hours. I've had questions in the past on other Apple related issues which also have gone un-answered. If this is the de-facto standard .. I'm beginning to get nervous.
  --- Val

• How do you change Terminal ssh port setting?

  My ISP changed its ssh port from 22 to 100. I've tried to change it in Terminal but it stays at 22. I opened etc/ssh_config as administrator, changed it there and saved the change, but it stays at 22. Any help would be much appreciated.

  My ISP changed its ssh port from 22 to 100. I've tried to change it in Terminal but it stays at 22.
  I just want to clarify which side's ssh port has changed to 100.
  Do you ssh into a server at your ISP and your ISP has changed their ssh daemon's port to 100, and now you need to know how to ssh to port 100?
  ssh -p 100 ...
  You can add an entry to *$HOME/.ssh/config* like the following:
  Host your.ips.server
  Port 100
  What this should do, is any ssh to that DNS name or IP address will go to port 100, all other ssh connections will go to port 22
  NOTE: the $HOME/.ssh directory needs specific restrictive permissions. See the ssh man page for what permissions.
  If you mean something else about "...its ssh port from 22 to 100...", then I would need more clarification.

• Combo unix ssh port forwarding + iChatAV + Bonjour question

  I don't know which forum is best for this question, so thought I'd try here first.
  I've been tossing around the idea of picking up a couple of iSights and running iChatAV. Problem is, if I understand this correctly, iChatAV uses a couple of ports for connections to third-party servers: AOL buddy server or Jabber server, a port for something called snatmap, a port for SIP, and some other stuff. Plus, it requires that you open up nearly 20 ports on your network for the AV traffic! (I get nervous just having my non-standard ports for smtp and ssh open, and my imaps port open (which is another issue -- anybody know how to change imaps port 993 to a non-standard port if running uw-imap server?) It doesn't look like iChatAV can, normally, operate by "calling up" an IP address or hostname...it always has to set up calls using AOL or Jabber...unless, perhaps, the destination iSight/iChatAV is on your own Bonjour-capable subnet.
  So, I'm thinking, what if a calling party created a ssh tunnel and port-forwarded the dozens of UDP and couple of TCP ports over a ssh tunnel, as a lengthy list of port forward options like "-L 5297:localhost:5297 -L ...", (assuming that the forwarding host, to whom the caller ssh's, is the same computer that is running iChatAV, hence, the remote host specification in the "-L" option of "localhost"). Would the caller then be able to treat the connection like Bonjour networking and when he calls localhost on his end of the circuit, it "bonjours" to the called hostname's localhost and thus a peer-to-peer connection would be made?
  Or perhaps a reverse port forward tunnel ("-R" options) could be set up in advance by the "to-be-called" party, and then the calling party initiates a iChatAV call as a "same-subnet-as-calling-computer-via-Bonjour" type of call?
  I'm just kicking around some thoughts here; I don't know enough about the intricacies of iChatAV and Bonjour (and ssh) to really know all the "gotchas" and I'd like to get the planning done with a high degree of confidence of success before I plunk out $300 on two iSights.
  If the general concensus of the group moderator and others on this forum is that this question should be posted in another forum, I apologize, and I'll move, but I thought that the ssh tunneling nature of my inquiry (and my unrelated side question about how to change 993 to a non-standard port) made this forum the obvious, and best, choice.
  Thanks in advance for any thoughts on these issues!
  2001 Quicksilver G4   Mac OS X (10.4.5)  

  No, you can't do what you describe. You have to use port forwarding on the router for any incoming connections, and each port forward rule can only map to a single server/service.
  However, SSH has the ability to tunnel other connections, so it may be possible to remove one or more of the existing port forwarding rules and replace them with a SSH rule, then use SSH tunneling to get to those services. Of course, this will only work for services that only you (or other authorized users) need to access, and not public services such as web/http traffic (assuming you're running a public web site).
  The only other option would be to replace your router with one that doesn't have such a strict limit on the number of port forwarding rules.

• Ssh Port Forwarding Stopped Working

  I have used ssh port forwarding in the past, and it has come in handy.
  I have recently upgraded to Mavericks, but it does appear that my ssh port forwarding stopped some time before this. The last time I know it worked was 5/14/14, and feel it has worked more recently as well.
  Here's what I do, from my Mac I ssh to my work jump server (port 22, let's say its IP is 11.22.33.44), and my jump server has access to work PC (lets say IP of 10.1.2.3). My work PC has RDP running on it on the common port 3389. I have verified that I can set up a working RDP session at work from another box. Also, I know that my jump server can get to my PC at work as I can ping my work IP if I just ssh straight to my jump server. And I know that there is no firewall stopping me from the jump server as I can also open a telnet session to my work PC on port 3389, without errors.
  So, here's how I have done it in the past and it has worked, but now recently stopped working in Terminal app:
  ssh  -f  [email protected]  -L  3388:10.1.2.3:3389  -Nnv
  The verbose logging shows that it sets up connectivity. If I then look to see if my local port is listening I can type:
  netstat  -an  |  grep  127.0
  I will note that port 3387 is in fact LISTENing and waiting for connection
  I then start my RDP client app, and start a session to "localhost:3387" (I could also use "127.0.0.1:3387", and have, but it does not work either). My RDP client eventually times out. I have turned my firewall off and on, neither way works.
  Does anyone know why this may have stopped working?
  Your input is most appreciated.
  The verbose log shows the following is setup appropriately (with noted modifications to server names and actual IPs):
  debug1: Authentication succeeded (keyboard-interactive).
  Authenticated to somewhere.net ([11.22.33.44]:22).
  debug1: Local connections to localhost:3387 forwarded to remote address 10.1.2.3:3389
  debug1: Local forwarding listening on 127.0.0.1 port 3387.

  Unfortunately I don't have another device to test if RDP is working on my LAN, however, when I check out my network connections and this is what I see after setting up the ssh tunnel and prior to attempting the RDP connection (again names protected):
  my-rmbp:~ me2$ netstat -an | grep 127.0
  tcp4       0      0  127.0.0.1.3387         *.*                    LISTEN
  Then, as it is difficult to catch in the middle of TCP 3-way handshaking, here's what happens after an attempt with the RDP client while it sits and spins:
  my-rmbp:~ me2$ netstat -an | grep 127.0
  tcp4       0      0  127.0.0.1.3387         127.0.0.1.50323        FIN_WAIT_2
  tcp4       0      0  127.0.0.1.50323        127.0.0.1.3387         CLOSE_WAIT
  tcp4       0      0  127.0.0.1.3387         *.*                    LISTEN
  You can clearly see it's attempting to make a connection over the tunnel via my RDP client, but it's being shut down right away. I will obtain a WireShark packet capture and see exactly what's happening. Oh, and if I tried to RDP to a port other than the one I set up the port forwarding tunnel with, RDP would disconnect right away.
  What I'm most interested in is why, without any known changes, other than OS updates, did this work a few months ago, and now it does not?
  I have also tried other test ssh port forwarding, such as to www.apple.com forwarding 8080 on localhost to 80, and others, and none of those work either with web browsers, I assume this is something Apple has done to disable ssh port forwarding/tunneling. Perhaps someone else has bumped into this and found a fix? Please share!
  Also, I have heard that you have to be root in order to set up port forwarding, but clearly this is not accurate, as it worked before, and also as you can see above it worked without root. But I tried both ways, and sadly neither worked.
  Could it by my jump server? Possibly, but others at work do this and it works just fine for them from their Windoze PCs. So can't be that either.
  Perhaps my capture will tell me, I'll report back here with what I discover. Thanks in advance!

• Enhanced security via non-standard ssh port?

  I am using my Snow basestation as a NAT router, and I have a pass-through to my machine for ssh. This is working fine now. However, I got to thinking that there is value in changing the ssh public port to a non-standard port, like 14038 and routing that to my mac's private port of 22. Doing so, however, merely breaks my ability to log in (note that I have updated my ssh client to point to the new ssh port of 14038)
  Does ssh burp on any port other than 22? Do others have a positive experience running this? Might my ISP (earthlink) be blocking non-standard IP ports?
  With much gratitude,
  Kyle

  I sold the Snow basestation -- so the question is moot now.

• Changing VPN port

  Since there are several VPN solutions at my office firewall I need to be able to change the port used by L2TP when connection using VPN.(e.g. set it to port 1000 and NAT it to 1701 in the firewall). I'm using the build in VPN client. However I can't find anywhere to change VPN port. Isn't this possible?
  Message was edited by: jornki

  I'm not sure about doing this with the VPN...
  But you could tunnel from one machine to another (similar to a VPN) using SSH. You can set SSH to answer on any port. So maybe this would work for you.
  This article describes exactly what may work for you:
  http://www.afp548.com/article.php?story=20040815101734513&query=ssh
  Jeff