Cant change ssh port Ubuntu 20.04

SYSTEM INFORMATION
OS type and version Ubuntu 20.04
Webmin version 2.20

Should be simple but it does not work.
Using webmin to change port for ssh, apply changes but it does not work. I get no route to port.
The port is open in the firewall
What is wrong

You are probably doing this but when you ssh in to the server you are adding the new port to the command ? Reason I ask is if not port is supplied to ssh it will default to port 22 & if you have removed port 22 from your firewall rules you could get this error. try telnet to connect

telnet domain-name/ip port

where domain-name is your server name, ip is your server IP and port is your new ssh port, only supply either domain-name or ip not both. and see if it connects. If it fails I would suspect somehow the port is not open, I think your using CSF so it maybe worth checking in that module that the port is open and also check that the ssh server is up and running, run this as root

systemctl status sshd

and

lsof -i |grep sshd

if you can not ssh into the server use the webmin terminal option to run these commands
located at webmin->tools->terminal or here

I use the port also but as soon as I have changed port in the server I get no route to 1.1.1.1 port 5504. If I change back it work directly because both ports are still open in the fw

so when you change the port & restart ssh have you checked
The ssh server is running & listening on the new port ?

I disabled the firewall and still get no ssh: connect to host jv80.se port 5504: No route to host

have you checked that the server is running with port 5504 ?

Your cloud provider may have a firewall as well.

1 Like

how do you mean?

ss -tnlp | grep 5504

nmap shows this

LISTEN 0 128 0.0.0.0:5504 0.0.0.0:* users:((“sshd”,pid=49221,fd=3))
LISTEN 0 128 [::]:5504 [::]:* users:((“sshd”,pid=49221,fd=4)

That I really doubt. I have 3 servers with them and the other 2 is no problem. Only difference is that they have no control panel. its email servers and all is controlled by ssh and the mail server UI

dig you not look at the nmap results ? port 5504 is filtered by the firewall and not fully open

1 Like

but why does it not work without the firewall

Linux firewall from webmin

ACCEPT If protocol is TCP and input interface is not lo and destination port is 5504 and state of connection is NEW

Just change it to accept so we can remove that from the trouble shooting

done now. IA quesstion. CSF is set to only allow protocol 2. Can that be a problem? its a recommended setting

Ping works but traceroute doesn’t. With or without the port. I’m guessing you ISP has an external firewall.

mit@~:traceroute 184.174.32.123
traceroute to 184.174.32.123 (184.174.32.123), 30 hops max, 60 byte packets
 1  _gateway (192.168.0.1)  0.335 ms  0.340 ms  0.384 ms
 2  xxxxxx57-021.inf.spectrum.com (xxx.xxx.157.21)  9.445 ms  9.398 ms  9.299 ms
 3  lag-61.yxxxxxx.charter.com (xxx.xxx.116.253)  24.122 ms  23.992 ms  24.073 ms
 4  lag-25.xxxxx.etops.charter.com xxx.xxx.103.230)  13.224 ms  13.047 ms  13.104 ms
 5  lag-25.rcr01clmkohpe.netops.charter.com (65.29.1.28)  16.717 ms lag-30.rcr01clmkohpe.netops.charter.com (65.29.1.40)  18.311 ms lag-25.rcr01clmkohpe.netops.charter.com (65.29.1.28)  18.354 ms
 6  lag-15-10.chctilwc00w-bcr00.netops.charter.com (66.109.6.68)  28.647 ms * *
 7  ae13.edge2.chi10.sp.lumen.tech (4.68.37.137)  30.866 ms  29.073 ms  28.993 ms
 8  * ae1.3107.edge6.dus1.neo.colt.net (171.75.9.193)  121.416 ms  121.329 ms
 9  giga-hostin.edge6.dusseldorf1.level3.net (62.67.22.194)  124.593 ms giga-hostin.ear2.dusseldorf1.level3.net (62.67.20.82)  121.099 ms  121.052 ms
10  * * *
11  * * *
12  * * *
13  * * *
14  * * *
15  * * *
16  * * *
17  * * *
18  * * *
19  * * *
20  *^C

I will check. If so I will kill him

Number nine is the cloudhost. The only thing I dont understand is it why it is no problem with 2 servers out of 3. The only trouble is with the one with Webmin/Virtualmin on it