Quote:
Originally Posted by kpenrose
There isn't any problem with ssh listening on one port and forwarding to port 22 (its normal listener)?
|
What I described does not involve "forwarding to port 22." The server simply listens on a different port. It is possible to leave it listening on port 22 and forward the incoming connection to port 22, but unless you have a need to have the ssh server also listening on port 22, I would recommend just changing its listening port.
To do that, you need to edit
/etc/ssh/sshd_config. You must do this as
root, but you can use your favorite editor. Find the line that says
Port 22
and change 22 to the port you want to listen to. You must then restart
sshd or, if you know what you are doing, sending the root
sshd process a SIGHUP. If you connect using the
ssh command, you can simply include the option
-p 8080 along with any other options on the command line. You can also edit
~/.ssh/config ("~" just refers to your home directory). to include a
Port statement like you did for the server, and it will use that port automatically unless you override it on the command line.
EDIT: What I described above for the server is correct if the server is directly connected to the Internet. If there is a "router" (more accurately a NAT device or hardware firewall) between the server and the Internet, then you must set the "router" up to do port forwarding. (Consult its manual on how to do this -- I can't advise.) In that case you can leave the server itself listenning on port 22 if you wish.