Changed ssh port - but port not open?

I’d like to change the ssh port.

I changed it in webmin/servers/sshserver/networking

But I couldn’t sign on. I ran a port scan that said the port I changed it to is closed.

So I changed the linux firewall setting for port 22, where it says:

If protocol is TCP and destination port is 22 and state of connection is NEW

to my selected port number (example):

If protocol is TCP and destination port is 4367 and state of connection is NEW

but that left both 22 and 4367 closed.

Where am I going wrong here?

Thanks, Chris

Still haven’t figured this one out, any help in getting this alternate ssh port open would be appreciated,

Chris

After changing your SSH port, be sure to click “Apply Changes” in Webmin -> Servers -> SSH Server.

It sounds like you’re dealing with either SSH not being restarted (which Apply Changes handles), or a firewall blocking the incoming request.

-Eric

Hi Audrey,

I haven’t put a firewall on it, just a clean install of centos 6.2 and virtualmin gpl.

I have applied the changes, and stopped/restarted ssh both from the ssh webmin interface and from the ‘status’ section on virtualmin.

If I look in the ssh config file, the port is changed on line 147 to: Port 4367

==when I have the ssh port set to: 4367==

If I run a port scan, it says neither 4367 nor 22 is responding.

If I try to log in with ssh to 22, I get a ‘connection refused’ message. If I try to ssh to 4367, I get a ‘timed out’ message.

==if I reset the ssh port to: 22==

the port scanner says 22 is responding, and I am able to ssh to port 22 with no trouble. I get a ‘timed out’ if I try to ssh to 4367.

======

Is it that virtualmin is not opening a port for it?

When I changed the port for the login (the default 10000) to something else, that worked ok.

I can live with using port 22, but it seems like changing it should work ok…

Howdy,

Virtualmin doesn’t actually need to open a port for it…

If you’re not using any kind of firewall, then it should be immediately available if you change the SSH port and restart SSH.

Are you by chance behind a NAT router, or is your server directly on the Internet?

Also, after changing the port to 4367, you could make sure it’s working by running this command on your server:

netstat -an | grep 4367

Eric :slight_smile: - sorry about calling you Audrey :slight_smile:

netstat -an | grep 4367

gives me:

tcp 0 0 0.0.0.0:4367 0.0.0.0:* LISTEN
tcp 0 0 :::4367 :::* LISTEN

(logged in via ssh 22, then changed it and stayed connected and ran that command).

Does that mean it should be working?

No, the server has a unique ip, it is a vps through vps.net.

Did you try ssh -p 4367 localhost?

PS
you should change webmin’s port number as well (it is probably likely that webmin is “more” vulnerable than ssh :wink:)

Ah, I got it going :slight_smile:

I had to go to webmin | networking | linux-firewall and change the line:

If protocol is TCP and destination port is 22 and state of connection is NEW

from 22 to the new port number.

I had done that before… but then I overlooked the ‘apply configuration’ button. Once I applied it, all is working.

I actually have two machines I am setting up, same thing occurred on both. I changed the port in the ssh settings, and then had to update it in the linux firewall settings (and then, um, actually apply the new settings!).

“you should change webmin’s port number as well”… yes, did that without any trouble, it was just the ssh that I had trouble with.

Thank you, I appreciate all the help I have received through this forum and the work that goes into virtualmin. It’s much more useful for me than those other panel things :slight_smile:

Chris
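The diagnosis this thread arrived at (sshd listening on the new port while the firewall still only allowed 22), as an added example that is not part of the original posts. The function names and the sample rule sets are hypothetical and constructed; only the `netstat` lines are taken from the thread.

```shell
#!/bin/sh
# Constructed sample inputs. On a real host, feed the functions from
# /etc/ssh/sshd_config, `netstat -an` and `iptables -S INPUT` instead.
SAMPLE_CONFIG='#Port 22
Port 4367'
SAMPLE_NETSTAT='tcp 0 0 0.0.0.0:4367 0.0.0.0:* LISTEN
tcp 0 0 :::4367 :::* LISTEN'
SAMPLE_FW_OLD='-P INPUT DROP
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT'
SAMPLE_FW_NEW='-P INPUT DROP
-A INPUT -p tcp -m tcp --dport 4367 -m state --state NEW -j ACCEPT'

# Ports sshd is configured to use: uncommented Port lines, else the default 22.
sshd_ports() {
  awk 'tolower($1) == "port" { print $2; n++ } END { if (!n) print 22 }'
}

# Succeeds if netstat output on stdin shows a TCP listener on port $1.
is_listening() {
  awk -v p="$1" '$1 ~ /^tcp/ && $NF == "LISTEN" && $4 ~ (":" p "$") { f = 1 }
                 END { exit !f }'
}

# Succeeds if `iptables -S` output on stdin has a TCP ACCEPT rule for --dport $1.
# Simplification: rule order and multiport (--dports) rules are not evaluated.
fw_allows() {
  grep -Eq -e "-p tcp .*--dport $1 (.* )?-j ACCEPT"
}

# $1 = port, $2 = netstat text, $3 = iptables text
diagnose() {
  if ! printf '%s\n' "$2" | is_listening "$1"; then
    echo "not-listening"     # sshd not bound: restart sshd / check Port line
  elif ! printf '%s\n' "$3" | fw_allows "$1"; then
    echo "firewall-blocked"  # sshd bound, but no ACCEPT rule for the port
  else
    echo "ok"
  fi
}

port=$(printf '%s\n' "$SAMPLE_CONFIG" | sshd_ports)
echo "configured port: $port"
echo "old firewall rules: $(diagnose "$port" "$SAMPLE_NETSTAT" "$SAMPLE_FW_OLD")"
echo "new firewall rules: $(diagnose "$port" "$SAMPLE_NETSTAT" "$SAMPLE_FW_NEW")"
```

Run it from an existing session on the old port and keep that session open until a login on the new port succeeds.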

Sounds good (but we assumed that "I haven't put a firewall on it, just a clean install of centos 6.2 and virtualmin gpl." :wink:)

This helped me also. First I was confused by this message
**Warning!** It appears that FirewallD is being used to generate your system's firewall. Maybe you should use the [FirewallD module](https://00387.monster:10000/firewalld/) instead.
but searching this forum I found out that the configuration persists on Linux Firewall

My port is now changed. Next thing is to forbid root to log in.