SOLVED SSHD ??

jdow jdow at earthlink.net
Tue Jan 14 03:33:01 UTC 2014


On 2014/01/13 16:41, Jim wrote:
> On 01/13/2014 04:11 PM, jdow wrote:
>> On 2014/01/13 08:28, Jim wrote:
>>> On 01/13/2014 09:52 AM, Matthew Miller wrote:
>>>> On Sun, Jan 12, 2014 at 12:24:55PM -0500, Jim wrote:
>>>>>> I've not seen where you've posted or indicated that you changed the "Port"
>>>>>> parameter in /etc/ssh/sshd_config.
>>>>> I went into /etc/ssh/sshd_config and changed the port from 35881 to 7777
>>>>> and restarted sshd. What puzzles me is how the setting of port 35881 got
>>>>> in /etc/ssh/sshd_config.
>>>> Either you put it there or someone else did. The default, of course, is 22.
>>>>
>>> I'm not going to admit to anything I can get away with.
>>
>> Of course you can make a creative use for iptables to port forward 7777
>> to 22.
>>
>> {o.o}
>
>
> How would I do that?

I don't know how you would do that. I use a hand generated iptables
configuration without any tools other than vi involved. I have such
an exception built in for video streaming. It's not a simple thing
so the best I can do is recommend either blowing your brains out or
trying to read the inscrutable manual. Blowing your brains out may
be the less painful option. I'd look for "port forwarding". As I
used it the forwarding is to another specific machine. But forwarding
with the port number change is also possible to the iptables host
machine, of course.

I have this stanza in a parameter reading loop:
              REDIR="192.168.37.18"
              REDIRPORT="22983"
              echo "Setting up video forwarding"

The uses are as follows:

#######################################################################
# FORWARD: Enable Forwarding and thus IPMASQ
#
#

if [ -n "$REDIR" ]; then
     echo "     - FWD: Allow Video Streaming IN"
     $IPTABLES -A FORWARD -p tcp -i $EXTIF -o $INTIF -d $REDIR --dport $REDIRPORT -j ACCEPT
fi
... other stuff ...
if [ -n "$REDIR" ]; then
     echo "     - NAT: enabling nat video streaming forwarding."
     $IPTABLES -t nat -A PREROUTING -p tcp -i $EXTIF -d $EXTIP --dport $REDIRPORT -j DNAT --to $REDIR
     $IPTABLES -t nat -A PREROUTING -p udp -i $EXTIF -d $EXTIP --dport $REDIRPORT -j DNAT --to $REDIR
fi


You may want something considerably different. And note that I have not
used this recently. I did have it working several years ago, though.

As I say - it's best to read the inscrutable manual.

{^_^}
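
The same-host case mentioned above (a port-number change on the iptables machine itself, here 7777 to 22 as in the thread) uses REDIRECT rather than DNAT. The script below is an added example, not part of the original message: the interface name eth0 is a placeholder, and it only prints the rules so they can be reviewed before anything is applied.

```shell
#!/bin/sh
# Added example (not from the original post): print iptables rules that make
# a local sshd on port 22 reachable on another port of the same host.

# Accept only 1..65535, digits only, at most 5 characters.
valid_port() {
    case "$1" in
        ''|*[!0-9]*|??????*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# redirect_rules IFACE FROM_PORT TO_PORT
# Writes two rules to stdout; nothing is applied to the running firewall.
redirect_rules() {
    extif=$1 from=$2 to=$3
    # Reject anything that is not a plain interface name, since the output
    # may later be fed to a shell.
    case "$extif" in
        ''|*[!A-Za-z0-9_.-]*) echo "bad interface: $extif" >&2; return 1 ;;
    esac
    valid_port "$from" && valid_port "$to" || { echo "bad port" >&2; return 1; }
    [ "$from" -ne "$to" ] || { echo "ports are identical" >&2; return 1; }

    # nat/PREROUTING rewrites the destination port of packets arriving from
    # the network. Locally generated connections do not traverse PREROUTING.
    echo "iptables -t nat -A PREROUTING -i $extif -p tcp --dport $from -j REDIRECT --to-ports $to"

    # The filter INPUT chain runs after NAT and therefore sees port $to.
    # Matching the original destination port via conntrack accepts only
    # connections that came in on $from, so direct connections to $to can
    # still be dropped by the rest of the ruleset.
    echo "iptables -A INPUT -i $extif -p tcp --dport $to -m conntrack --ctorigdstport $from -j ACCEPT"
}

# Ports from the thread; eth0 is a placeholder for the external interface.
redirect_rules "${EXTIF:-eth0}" 7777 22
```

The INPUT rule has to be placed ahead of any rule that drops traffic to port 22.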

