Changing the SSH port number

[GreenSkyChris]

Hi, im using CentOS 5.2 and cant change my default ssh port number.

I have edited /etc/ssh/sshd_config to this

Code:

#       $OpenBSD: ssh_config,v 1.21 2005/12/06 22:38:27 reyk Exp $

# This is the ssh client system-wide configuration file.  See
# ssh_config(5) for more information.  This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.

# Configuration data is parsed as follows:
#  1. command line options
#  2. user-specific file
#  3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.

# Site-wide defaults for some commonly used options.  For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.


# Host *
#   ForwardAgent no
#   ForwardX11 no
#   RhostsRSAAuthentication no
#   RSAAuthentication yes
#   PasswordAuthentication yes
#   HostbasedAuthentication no
#   BatchMode no
#   CheckHostIP yes
#   AddressFamily any
#   ConnectTimeout 0
#   StrictHostKeyChecking ask
#   IdentityFile ~/.ssh/identity
#   IdentityFile ~/.ssh/id_rsa
#   IdentityFile ~/.ssh/id_dsa
   Port 222
#   Protocol 2,1
#   Cipher 3des
#   Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes$
#   EscapeChar ~
#   Tunnel no
#   TunnelDevice any:any
#   PermitLocalCommand no
Host *
        GSSAPIAuthentication yes
# If this option is set to yes then remote X11 clients will have full access
# to the original X11 display. As virtually no X11 client supports the untrusted
# mode correctly we set this to yes.
        ForwardX11Trusted yes
# Send locale-related environment variables
        SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESS$
        SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
        SendEnv LC_IDENTIFICATION LC_ALL

So I have uncommented the port line and changed it to 222 .

I have then restarted ssh by typing (as root) "sbin/service sshd restart" and it restarts fine but still is on 22 and not 222.

Any ideas why its not working? Am i doing it correctly?

Cheers,

Chris.

[Freston]

You should change the port number to an unprivileged port; any port above 1024 will do.

I'm not fully 100% sure, but I think it's sticking to the default because you're using a privileged port that is reserved for rsh-spx. Funny, I'd have thought it'd error rather than falling back to its default. Anyway, try a higher port and I think it'll work.


Also, these are a good idea to add:

Code:

protocol 2
PermitRootLogin no

[Lazydog]

Remove all the spaces in front of Port and then restart.
Check it with the following command:

Code:

/bin/netstat -plan | grep sshd

[GreenSkyChris]

You should change the port number to an unprivileged port; any port above 1024 will do.

I'm not fully 100% sure, but I think it's sticking to the default because you're using a privileged port that is reserved for rsh-spx. Funny, I'd have thought it'd error rather than falling back to its default. Anyway, try a higher port and I think it'll work.


Also, these are a good idea to add:

Code:

protocol 2
PermitRootLogin no

Done that, changed it to 1578 but still doesn't work.

Remove all the spaces in front of Port and then restart.
Check it with the following command:

Code:

/bin/netstat -plan | grep sshd

Thanks, I done that as well but is still on the default port of 22.

[Freston]

Thanks, I done that as well but is still on the default port of 22.

How do you know?

[GreenSkyChris]

How do you know?

from doing this...

Code:

/bin/netstat -plan | grep sshd

And also exiting and when I ssh back into it, it will only let me on port 22 and not the one ive changed it to.

[HROAdmin26]

Code:

#       $OpenBSD: ssh_config,v 1.21 2005/12/06 22:38:27 reyk Exp $

What file are you editing?

[GreenSkyChris]

Code:

#       $OpenBSD: ssh_config,v 1.21 2005/12/06 22:38:27 reyk Exp $

What file are you editing?

I am editing /etc/ssh/ssh_config

[Freston]

What file are you editing?

Ah! Indeed, indeed...

I am editing /etc/ssh/ssh_config

You want to be editing:

Code:

/etc/ssh/sshd_conf     # This is the sshd server system-wide configuration file.

[Lazydog]

The OP stated in the first post he was using sshd_config. If they are giving incorrect information how are we to know this?

Hi, im using CentOS 5.2 and cant change my default ssh port number.

I have edited /etc/ssh/sshd_config to this