Can't change ssh port whatever I do

SYSTEM INFORMATION
OS type and version Ubuntu 22.04
Webmin version Latest

I can't change ssh port whatever I try and whatever guide I follow. Is there a special way to do it? I have tried in webmin and also using ssh but same result. As soon as I change I get no connection to host. If I change back to 22 it works directly. I have opened the new port in the FW and also tested with a disabled FW.
What do I do wrong??

Did you restart the ssh server? I changed mine and didn’t have a problem.

Yes I did, it was the first thing I thought of

Does your provider have a separate firewall?

No, and I only use UFW. I have a second vps with the same provider and it's no problem with that one… Only difference is that it has Ubuntu 20.04, not 22.04 as the new one

The default firewall for WM/VM is Firewalld. Maybe there is an unresolved problem?

Here is my /etc/ssh/sshd_config relevant section:

PubkeyAuthentication yes
PermitEmptyPasswords no
PasswordAuthentication no
Port 2XX2

What is the output of
netstat -ap |grep ssh

You may have to replace ssh with your port. I renamed mine in services so my new port shows as ssh.

I connect with a script and a key. Note, I think you can have up to 3 -v’s for maximum output.

#!/bin/bash
ssh -v -p 2XX2 moot@X.X.X.X

When I change in sshd_config I get

connect to host 178.18.255.34 port 5504: No route to host

Netplan

tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN 606/sshd: /usr/sbin
tcp 0 128 hobbycharken.org:ssh 185.60.238.11:45576 ESTABLISHED 96834/sshd: anders
tcp 0 53 hobbycharken.org:ssh 181.179.192.35.bc:48176 FIN_WAIT1 -
tcp6 0 0 [::]:ssh [::]:* LISTEN 606/sshd: /usr/sbin
unix 2 [ ACC ] STREAM LISTENING 1233464 96837/systemd /run/user/1002/gnupg/S.gpg-agent.ssh
unix 2 DGRAM CONNECTED 1236245 96834/sshd: anders
unix 3 STREAM CONNECTED 1233477 96863/sshd: anders@
unix 2 STREAM CONNECTED 1236226 96834/sshd: anders
unix 3 STREAM CONNECTED 1233478 96834/sshd: anders
unix 3 STREAM CONNECTED 20023 606/sshd: /usr/sbin

Just to be sure I allowed the new port in Firewalld even if I don't use it, but no change

I see no module for UFW. But, using the info above I confirmed I could connect to the server port 22. If I changed it to what’s listed above. No connect.

I don’t know the command line of UFW. Can you show us the proper command line output to show us UFW is indeed listening to the new port you chose?

The netstat command is kinda useless when using port 22. You need to run it from the webmin terminal when the new port is supposedly in effect. That will show us that sshd is set to the new port as expected.

From the Webmin terminal:
Show us command line that shows us the correct port is open.
Show us the netstat that shows us what port sshd is listening on.

To Action From
80 ALLOW IN Anywhere
443 ALLOW IN Anywhere
3536 ALLOW IN Anywhere
5504 ALLOW IN Anywhere
22 ALLOW IN Anywhere
53 ALLOW IN Anywhere

root@hobbycharken:~# netstat -ap |grep ssh
tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN 103120/sshd: /usr/s
tcp 0 0 hobbycharken.org:ssh 185.60.238.11:51298 ESTABLISHED 103148/sshd: anders
tcp 0 53 hobbycharken.org:ssh 181.179.192.35.bc:48570 FIN_WAIT1 -
tcp6 0 0 [::]:ssh [::]:* LISTEN 103120/sshd: /usr/s
unix 2 [ ACC ] STREAM LISTENING 1339748 103156/systemd /run/user/1002/gnupg/S.gpg-agent.ssh
unix 3 STREAM CONNECTED 1337019 103185/sshd: anders
unix 2 DGRAM CONNECTED 1339680 103148/sshd: anders
unix 3 STREAM CONNECTED 1337020 103148/sshd: anders
unix 2 STREAM CONNECTED 1341518 103148/sshd: anders
unix 3 STREAM CONNECTED 1340682 103120/sshd: /usr/s
root@hobbycharken:~# ^C
root@hobbycharken:~#

Unless you changed the port name in /etc/services, your sshd is still listening on port 22.

netstat -ap |grep 5504

Yes because I need access to the server via ssh. So I still need 22. But want to change

After change to 5504.

No access

tcp 0 0 0.0.0.0:5504 0.0.0.0:* LISTEN 103120/sshd: /usr/s
tcp 0 52 hobbycharken.org:ssh 185.60.238.11:51298 ESTABLISHED 103148/sshd: anders
tcp 0 52 hobbycharken.org:ssh 181.179.192.35.bc:40150 ESTABLISHED 108477/sshd: unknow
tcp6 0 0 [::]:5504 [::]:* LISTEN 103120/sshd: /usr/s
unix 2 [ ACC ] STREAM LISTENING 1339748 103156/systemd /run/user/1002/gnupg/S.gpg-agent.ssh
unix 3 STREAM CONNECTED 1337019 103185/sshd: anders
unix 2 DGRAM CONNECTED 1339680 103148/sshd: anders
unix 3 STREAM CONNECTED 1337020 103148/sshd: anders
unix 2 STREAM CONNECTED 1341518 103148/sshd: anders
unix 3 STREAM CONNECTED 1340682 103120/sshd: /usr/s
unix 3 STREAM CONNECTED 1376965 108477/sshd: unknow
unix 3 STREAM CONNECTED 1376964 108478/sshd: unknow

ssh: connect to host 178.18.255.34 port 5504: No route to host

I’m not sure where you are changing this setting. Not sure why you won’t run the netstat from the webmin terminal as asked. You could have a port conflict. Hard to say, but it seems ssh isn’t listening on the port you think.

Netstat from the terminal
root@hobbycharken:~# netstat -ap |grep ssh
tcp 0 0 0.0.0.0:5504 0.0.0.0:* LISTEN 103120/sshd: /usr/s
tcp6 0 0 [::]:5504 [::]:* LISTEN 103120/sshd: /usr/s
unix 3 STREAM CONNECTED 1340682 103120/sshd: /usr/s
root@hobbycharken:~# ^C
root@hobbycharken:~#

And I change in the gui in Webmin

I have 3 vps servers up and running with the same provider. 2 is no problem, both on ubuntu 20.04. Only this one is not working properly… I think I know what I am doing but it does not help

Do you use UFW on the 20.04 boxes?
It suggests to me that there is a possible conflict having both UFW and Firewalld operating together.
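
The checks this thread works through by hand (is sshd listening on the new port, does UFW allow it, is firewalld running as well), combined into one script as an added example that is not from any poster. The sample text is constructed to resemble the output posted above, and the function and verdict names are hypothetical.

```shell
#!/bin/bash
# Added example (not from the thread). Sample inputs are constructed.

# listening PORT SS_TEXT: success if a LISTEN socket is bound to PORT
listening() {
    printf '%s\n' "$2" |
        awk -v p=":$1" '$1 == "LISTEN" && $4 ~ (p "$") { f = 1 } END { exit !f }'
}

# ufw_allows PORT UFW_TEXT: success if `ufw status` text has an ALLOW rule for PORT
ufw_allows() {
    printf '%s\n' "$2" |
        awk -v p="$1" '($1 == p || $1 == (p "/tcp")) && $2 == "ALLOW" { f = 1 } END { exit !f }'
}

# firewalld_allows PORT PORTS: success if PORT/tcp is in `firewall-cmd --list-ports` text
firewalld_allows() {
    case " $2 " in *" $1/tcp "*) return 0 ;; esac
    return 1
}

# diagnose PORT SS_TEXT UFW_TEXT FIREWALLD_STATE FIREWALLD_PORTS: prints one verdict
diagnose() {
    if ! listening "$1" "$2"; then echo "sshd-not-listening"; return; fi
    if [ "$4" = "running" ] && ! firewalld_allows "$1" "$5"; then
        echo "firewalld-blocks"; return
    fi
    if ! ufw_allows "$1" "$3"; then echo "ufw-blocks"; return; fi
    echo "host-ok-check-upstream"
}

# Live use as root on the server: collect_live 5504 (not called by the sample run)
collect_live() {
    diagnose "$1" "$(ss -H -tln)" "$(ufw status)" \
        "$(firewall-cmd --state 2>&1)" "$(firewall-cmd --list-ports 2>/dev/null)"
}

# Constructed sample: sshd on 5504, UFW allows it, firewalld runs without it.
SAMPLE_SS='LISTEN 0 128 0.0.0.0:5504 0.0.0.0:*
LISTEN 0 128 [::]:5504 [::]:*'
SAMPLE_UFW='To Action From
22 ALLOW IN Anywhere
5504 ALLOW IN Anywhere'
SAMPLE_FWD_PORTS='10000/tcp 20000/tcp'

diagnose 5504 "$SAMPLE_SS" "$SAMPLE_UFW" running "$SAMPLE_FWD_PORTS"
```

A packet dropped by UFW's default deny policy reaches the client as a timeout, whereas a firewall that rejects with an ICMP "prohibited" message, which is firewalld's default, reaches it as "No route to host".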