FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora User

 
 
LinkBack Thread Tools
 
Old 02-18-2011, 08:07 PM
Alex
 
Default Running ssh on unreserved ports

Hi,

I'd like to run an ssh server as root on a port greater than 1024
instead of the normal 22 but selinux doesn't seem to like that. How
can I get around that?

I'd like to move it to a higher port to avoid the normal doorknob
rattling that occurs with ssh running on a public server.

Thanks,
Alex
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 02-18-2011, 08:26 PM
Genes MailLists
 
Default Running ssh on unreserved ports

On 02/18/2011 04:07 PM, Alex wrote:
> Hi,
>
> I'd like to run an ssh server as root on a port greater than 1024
> instead of the normal 22 but selinux doesn't seem to like that. How
> can I get around that?
>
> I'd like to move it to a higher port to avoid the normal doorknob
> rattling that occurs with ssh running on a public server.
>
> Thanks,
> Alex

Does this work for you (assumign 1234 is what you want to listen on)


semanage port -a -t ssh_port_t -p tcp 1234

g/
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 02-18-2011, 08:32 PM
Gabriel VLASIU
 
Default Running ssh on unreserved ports

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, 18 Feb 2011, Alex wrote:

> I'd like to run an ssh server as root on a port greater than 1024
> instead of the normal 22 but selinux doesn't seem to like that. How
> can I get around that?
>
> I'd like to move it to a higher port to avoid the normal doorknob
> rattling that occurs with ssh running on a public server.
You can do this from iptables:

1. block port 22 in iptables

2. Add the following rule:
iptables -t nat -A PREROUTING -p tcp -m tcp --dport 2345 -m state --state NEW -j REDIRECT --to-ports 22


Gabriel

- --

// Gabriel VLASIU
//
// OpenGPG-KeyID : 0xE684206E
// OpenGPG-Fingerprint: 0C3D 9F8B 725D E243 CB3C 8428 796A DB1F E684 206E
// OpenGPG-URL : http://www.vlasiu.net/public.key


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFNXuWSeWrbH+aEIG4RAvtHAJ9YksR5Uv0gNqIuoelm5q s5bfmkpACfdgHm
tNGlmF/cHuI03wK51VqOpVs=
=mzGA
-----END PGP SIGNATURE-----
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 

Thread Tools




All times are GMT. The time now is 01:32 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org