SOLVED SSHD ??
James Hogarth
james.hogarth at gmail.com
Mon Jan 13 16:13:12 UTC 2014
On 13 January 2014 14:52, Matthew Miller <mattdm at fedoraproject.org> wrote:
> On Sun, Jan 12, 2014 at 12:24:55PM -0500, Jim wrote:
> > >I've not seen where you've posted or indicated that you changed the
> "Port" parameter in /etc/ssh/sshd_config.
> > I went into /etc/ssh/sshd_config. and changed the port from 35881 to 7777
> > and restarted sshd , what puzzels me is how the setiing of port 35881 got
> > in /etc/ssh/sshd_config.
>
> Either you put it there or someone else did. The default, of course, is 22.
>
>
And just to make it clear binding on a port greater than 1024 is a very
bad idea since anything can bind >1024 but only root can bind less than
1024.
With your setup if something crashed sshd (via random corruption or
exploit) then an attacker would be able to start listening on that port and
then use it to grab credentials etc.
If you want to use a port other than 22 pick something below 1024 ... or in
the alternative have it bind to 22 but have the firewall redirect a higher
port to 22 ...
Did you disable selinux or did you add your high port to the list of
allowed ports? usually selinux will block that ...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/users/attachments/20140113/b81413d6/attachment.html>
More information about the users
mailing list