Change the default SSH server port on 10.3
Authored by: ploute on Jun 10, '04 03:10:38PM
Hmm, I agree that modifying /etc/services is a Bad Idea. gerti's idea seems better. I also strongly agree with Blue Hal: it is very easy to find ssh on a non-standard port; this is not even obscurity, just try telnetting to your ssh port to see what I mean :-) sshd immediately answers something like "SSH-1.99-OpenSSH_3.6.1p1+CAN-2003-0693" ...

BUT: I also *need* to access my sshd through port 443 or 563 for a proxy-in-the-middle reason (a proxy that won't accept doing SSL on non-SSL ports). My solution is to redirect port 563 to 22, instead of harming the standard config. To do this, either use something like BrickHouse, or create an /etc/natd.conf file containing this:
interface en0
use_sockets yes
same_ports yes
redirect_port tcp your.ip.address.here:22 563
(assuming you're connected to the internet through Ethernet, en0; change this to what you need) and run /usr/sbin/natd -f /etc/natd.conf. I won't tell here how to create a startup script for this; use BrickHouse if you don't know, or just stw :) Then you can configure your firewall to let in only trusted IPs or what you want.

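The comment's point that sshd announces itself on whatever port it listens on, shown as an added example (not part of the original comment): a parser for the SSH identification line, run on the banner quoted above, that reports what the line discloses about your own server. The function names are assumptions made for illustration, and the `Protocol 2` advice assumes an OpenSSH release of that era, where the directive exists.

```python
import re

# RFC 4253 section 4.2: "SSH-protoversion-softwareversion SP comments CR LF".
# The RFC forbids '-' inside softwareversion, but real banners (including the
# one quoted in the comment) contain it, so the software field is parsed
# leniently as "everything up to the first space".
IDENT_RE = re.compile(
    r"^SSH-(?P<proto>[^\s-]+)-(?P<software>\S+)(?: (?P<comments>.*))?$"
)
MAX_IDENT_LEN = 255  # RFC 4253 limit, including the trailing CR LF


def parse_ident(line: bytes) -> dict:
    """Parse one SSH identification line as sent by the server on connect."""
    if len(line) > MAX_IDENT_LEN:
        raise ValueError("identification string longer than 255 bytes")
    text = line.decode("ascii", errors="strict").rstrip("\r\n")
    m = IDENT_RE.match(text)
    if m is None:
        raise ValueError(f"not an SSH identification string: {text!r}")
    proto = m.group("proto")
    return {
        "proto": proto,
        "software": m.group("software"),
        "comments": m.group("comments"),
        # "1.99" means an SSH-2 server that still accepts SSH-1 clients.
        "offers_ssh1": proto.startswith("1."),
        "offers_ssh2": proto in ("2.0", "1.99"),
    }


def audit(line: bytes) -> list:
    """Return findings for a banner captured from your own server."""
    info = parse_ident(line)
    findings = [f"discloses software version {info['software']} on any port"]
    if info["offers_ssh1"]:
        findings.append("SSH-1 is enabled; set 'Protocol 2' in sshd_config")
    return findings


# Banner quoted in the comment above; the CR LF terminator is added here.
SAMPLE = b"SSH-1.99-OpenSSH_3.6.1p1+CAN-2003-0693\r\n"

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

The same line is sent whether the connection arrives on 22 directly or through the natd redirect on 563, which is why the source-address firewall rule mentioned at the end of the comment is the control that matters.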