RE: I was refering to the file /etc/services.... why would I go for changing the pair service port<->service name defined in the file to the new port? I miss the benefit here
Hrm, so what your asking is why change the port that sshd listens on when all you have to do is forward whatever port to port 22 on your shell server?
OK: First off, I do stuff the hard way. At least that's what everyone says, heh. Here is an excerp from my firewall script.
$IPTABLES -A INPUT -i $INTIF -d $INTIP -p tcp --dport 52320 -j ACCEPT
Then the Nat Table
$IPTABLES -t nat -A PREROUTING -i $EXTIF -p tcp --dport 52320 -j DNAT --to-destination $SHELLSERVER
Also, here's an excerp from sshd_config.
CheckHostIP yes
IdentityFile ~/.ssh/id_rsa
IdentityFile ~/.ssh/id_dsa
Port 52320
Protocol 2
--------------------------------
First off, it doesn't matter how you do it like in mathematics for example ( Problem = (10 - 5) = 5 ) Below is how I would have worked this out.
Solution = (start at 5 and count up to 10) = 5 The answer came from addition for a subtraction problem, so to speak.
Just as long as you get the job done, it doesn't matter how you do work it out, As Long As It's RIGHT in the end
Here's My Reason for doing it this way.
1. Takes less time to do.
2. I really don't care how it's done, the end result is still the same.
3. Unless you are in love with port 22, you can change it. (It can be done)
4. All I had to do was change port numbers in both files (sshd_config and iptables script)
5. No writing a line or two extra in the iptables script, just changed port numbers in the already exsisting file.
The DOWNSIDE:
when you ssh into whatever server it will be on whatever port you set it to, like this would be me.
ssh
username@my-server.my-domain -p 52320 ( poof! Login)
It's that simple, but I do run a terminal launcher with those configs already set, I click the icon and get a prompt.
Now: if you are a true linux geek that bounces from one machine to the next via terminal ( reading logs, ect.. whatever)
then this may not be an option for you, but if you want simplicity it's all in how you setup X and your desktop preferences.
BTW: I'm not saying you have to use this option ( /me doesn't take any responsibility for anyone's actions but his own )
Yes, I'm a irc geek with the /me reference