ssh config file + not sure about #

[kanyon00]

First off I am new to linux, but loving it so far. I recently installed ssh. I want to change my port to make my box more secure. I changed the port in /etc/ssh/ssh_config, but it is still looking at port 22. Is there somewhere else I need to change the port?

The # in a config file means what? I thought it was for a comment. In the ssh config file all the options have a # in front of it. Does that mean ssh will ignore those options? Do I need to remove the # for the config file to use those options?

Thanks,

Alan

[objuan]

Yes you will need to remove the # in front of anything you wish to uncomment.

[kanyon00]

Everything in the ssh config file is set with the # in front of it. If that's the case then where is it pulling port 22 from? /etc/xinetd.d/ssh ????

Thanks,

Alan

Yes you will need to remove the # in front of anything you wish to uncomment.

[objuan]

Alan
the file you need to set up is /etc/ssh/sshd_config here are the basic settings just change the port number to the one you want, but sure that its not in uses. once you have uncommented everything here you will need to restart ssh. this is how to restart for debian
/etc/init.d/ssh restart


Port 22
Protocol 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
UsePrivilegeSeparation yes
KeyRegenerationInterval 3600
ServerKeyBits 768
SyslogFacility AUTH
LogLevel INFO
LoginGraceTime 120
PermitRootLogin yes
StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes
IgnoreRhosts yes
RhostsRSAAuthentication no
HostbasedAuthentication no
PermitEmptyPasswords no
ChallengeResponseAuthentication yes
PasswordAuthentication yes
AcceptEnv LANG LC_*
Subsystem sftp /usr/lib/openssh/sftp-server
UsePAM yes

[anomie]

Everything in the ssh config file is set with the # in front of it. If that's the case then where is it pulling port 22 from?

The default values (i.e. the values that will be used if you don't explicitly specify otherwise) are documented in man 5 sshd_config.

[kanyon00]

Thanks for the fast response. It seems when I change port 22 in the sshd_config file to something else I can't get in. For example I set the port to 5382 and uncommented just the port line. I also opened up my router for port 5382. Maybe my isp is blocking that port? I wouldn't think so??? Maybe I should choose another port and try again tonight. I will also uncommented the rest of the items as well. Hopefully this will work =).

Thanks

Alan
the file you need to set up is /etc/ssh/sshd_config here are the basic settings just change the port number to the one you want, but sure that its not in uses. once you have uncommented everything here you will need to restart ssh. this is how to restart for debian
/etc/init.d/ssh restart


Port 22
Protocol 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
UsePrivilegeSeparation yes
KeyRegenerationInterval 3600
ServerKeyBits 768
SyslogFacility AUTH
LogLevel INFO
LoginGraceTime 120
PermitRootLogin yes
StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes
IgnoreRhosts yes
RhostsRSAAuthentication no
HostbasedAuthentication no
PermitEmptyPasswords no
ChallengeResponseAuthentication yes
PasswordAuthentication yes
AcceptEnv LANG LC_*
Subsystem sftp /usr/lib/openssh/sftp-server
UsePAM yes

[kanyon00]

Ah, thanks! I should of read that from the start. =) Hopefully we will get this baby working on a different port.

The default values (i.e. the values that will be used if you don't explicitly specify otherwise) are documented in man 5 sshd_config.