LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 08-16-2011, 01:24 AM   #1
NirvanaBaby
LQ Newbie
 
Registered: Jan 2011
Posts: 17

Rep: Reputation: 0
ssh to non-22 not working, edited sshd_config and restarted sshd


So according to at least three sites I've been to, all I should need to do is edit the one line in sshd_config to another port (29 in this case, which is unused) and restart sshd. I've set my router to port forward to 29 on my server. 22 works. 29 works when I ssh locally but not from another computer on the internal network or from outside. using Fedora 12. Help?? Tanx in advance.
 
Old 08-16-2011, 02:10 AM   #2
kirukan
Senior Member
 
Registered: Jun 2008
Location: Eelam
Distribution: Redhat, Solaris, Suse
Posts: 1,278

Rep: Reputation: 148Reputation: 148
what is the output? for
Quote:
netstat -pnl | grep sshd
 
Old 08-16-2011, 02:15 AM   #3
NirvanaBaby
LQ Newbie
 
Registered: Jan 2011
Posts: 17

Original Poster
Rep: Reputation: 0
Kirukan, grep output is:

tcp 0 0 0.0.0.0:9222 0.0.0.0:* LISTEN 1808/sshd
tcp 0 0 :::9222 :::* LISTEN 1808/sshd

What is the 1808 business? No clue here, never muddled in this before. Thanks for your help.
 
Old 08-16-2011, 02:20 AM   #4
kirukan
Senior Member
 
Registered: Jun 2008
Location: Eelam
Distribution: Redhat, Solaris, Suse
Posts: 1,278

Rep: Reputation: 148Reputation: 148
The whole clue are there, instead of asking all you just refer either from manpage or web.
1808 is process id
9222 is port listening sshd.

Be patient with forum members Dear Friend..
 
Old 08-16-2011, 02:20 AM   #5
druuna
LQ Veteran
 
Registered: Sep 2003
Posts: 10,532
Blog Entries: 7

Rep: Reputation: 2393Reputation: 2393Reputation: 2393Reputation: 2393Reputation: 2393Reputation: 2393Reputation: 2393Reputation: 2393Reputation: 2393Reputation: 2393Reputation: 2393
Hi,

Quote:
tcp 0 0 0.0.0.0:9222 0.0.0.0:* LISTEN 1808/sshd
tcp 0 0 :::9222 :::* LISTEN 1808/sshd
The green part is the port that sshd listens on and the blue part is the PID of the sshd process (do a ps -ef | grep 1808)

In your first post you mention sshd listens on port 29, it seems that is not the case. It listens on 9222.

Hope this helps.
 
Old 08-16-2011, 02:29 AM   #6
NirvanaBaby
LQ Newbie
 
Registered: Jan 2011
Posts: 17

Original Poster
Rep: Reputation: 0
Thanx, I did now change port from 9222 to 29 in config file, missed that. restarted sshd, failed to stop. going back to 9222. restarts ok but no ssh. Thanks for the quick replies, all...
 
Old 08-16-2011, 02:42 AM   #7
druuna
LQ Veteran
 
Registered: Sep 2003
Posts: 10,532
Blog Entries: 7

Rep: Reputation: 2393Reputation: 2393Reputation: 2393Reputation: 2393Reputation: 2393Reputation: 2393Reputation: 2393Reputation: 2393Reputation: 2393Reputation: 2393Reputation: 2393
Hi,
Quote:
Originally Posted by NirvanaBaby View Post
Thanx, I did now change port from 9222 to 29 in config file, missed that. restarted sshd, failed to stop. going back to 9222. restarts ok but no ssh. Thanks for the quick replies, all...
Am I assuming correctly that this is not fixed?

If so (as root user):

- Stop the sshd daemon,
- Change the port/listenaddress,
- Start sshd daemon.

Can you post the output of the following command (as root user): egrep -i "listen|port" /etc/ssh/sshd_config

Hope this helps.
 
Old 08-16-2011, 11:02 PM   #8
NirvanaBaby
LQ Newbie
 
Registered: Jan 2011
Posts: 17

Original Poster
Rep: Reputation: 0
Druuna, you assume correctly, not fixed. I did what you said. Stopped daemon, changed port, started daemon. Here's what my file looks like:
#Port 22
Port 9222
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

I also want to ask you about your use of egrep as, though I'm not a noob, I'm not a fecking expert and had to google egrep. Was your use of a pipe in "listen|port" a logical OR? it seems to be because anything with either "listen" or "port" was returned. Any education on the use of egrep would be bonus. here is my output from egrep, though it's the same as my paste above:
[root@Dysnomia ssh]# egrep -i "listen|port" /etc/ssh/sshd_config
#Port 22
Port 9222
#ListenAddress 0.0.0.0
#ListenAddress ::


Tanx!
 
Old 08-17-2011, 02:34 AM   #9
druuna
LQ Veteran
 
Registered: Sep 2003
Posts: 10,532
Blog Entries: 7

Rep: Reputation: 2393Reputation: 2393Reputation: 2393Reputation: 2393Reputation: 2393Reputation: 2393Reputation: 2393Reputation: 2393Reputation: 2393Reputation: 2393Reputation: 2393
Hi,
Quote:
Originally Posted by NirvanaBaby View Post
Druuna, you assume correctly, not fixed. I did what you said. Stopped daemon, changed port, started daemon. Here's what my file looks like:
#Port 22
Port 9222
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
It isn't clear to me if you want to use port 29 as mentioned in your first post or port 9222 as shown in the above output. But either should work, even if the content of the sshd_config file is very minimalistic.

You mention that this is not fixed, what exactly do you mean by that? Assuming you want to use port 29 and changed the sshd_config file accordingly; Are you able to use ssh locally (I.e: ssh -p 29 localhost and ssh -p a.b.c.d and/or are you able to access this box from another box?

If you can ssh locally it proves that the sshd daemon is listening and working. You can make sure by checking with this command: netstat -pln | grep ssh.
If you cannot access this box from a remote box you might have a firewall in place that needs to be changed (it probably allows access to/from port 22, but not any other port).

Quote:
I also want to ask you about your use of egrep as, though I'm not a noob, I'm not a fecking expert and had to google egrep. Was your use of a pipe in "listen|port" a logical OR? it seems to be because anything with either "listen" or "port" was returned.
The part between the double quotes is a regular expression and thus the | is seen as an OR. Grep normally only takes 1 pattern, using egrep (or grep -E) tells grep that an extended regular expression is being used. Have a look at man grep, especially the REGULAR EXPRESSIONS section.

Hope this helps.
 
Old 08-17-2011, 05:15 AM   #10
lithos
Senior Member
 
Registered: Jan 2010
Location: SI : 45.9531, 15.4894
Distribution: CentOS, OpenNA/Trustix, testing desktop openSuse 12.1 /Cinnamon/KDE4.8
Posts: 1,144

Rep: Reputation: 217Reputation: 217Reputation: 217
if your IPTABLES are up and running then you need to make it allow to connect to port 9222
 
Old 08-17-2011, 01:02 PM   #11
NirvanaBaby
LQ Newbie
 
Registered: Jan 2011
Posts: 17

Original Poster
Rep: Reputation: 0
Lightbulb Thanks all!

Thanks to everyone who gave assistance on this. It was COMPLETELY UNECESSARY however. I'm surprised no one asked "why are you doing this?" All i wanted to do is ssh to more than one box from the outside when all I need to do to accomplish this is remote into one and from there, remote to the other. No need for more than one port on firewall. >< Hey, at least I learned egrep, thanx!
 
Old 08-18-2011, 01:46 AM   #12
Reuti
Senior Member
 
Registered: Dec 2004
Location: Marburg, Germany
Distribution: openSUSE 15.0
Posts: 1,332

Rep: Reputation: 255Reputation: 255Reputation: 255
Just to note, that you could also create a tunnel between the final machine and the local one, in case you want to copy something between these two without copying it first to the machine in the middle. The -L option to ssh will do it.
 
Old 08-18-2011, 09:32 AM   #13
NirvanaBaby
LQ Newbie
 
Registered: Jan 2011
Posts: 17

Original Poster
Rep: Reputation: 0
Thanks for tunnel suggestion

I didn't know that, Reuti, I'll research -L.
 
Old 08-18-2011, 09:48 AM   #14
Reuti
Senior Member
 
Registered: Dec 2004
Location: Marburg, Germany
Distribution: openSUSE 15.0
Posts: 1,332

Rep: Reputation: 255Reputation: 255Reputation: 255
First you need to create the tunnel by logging in to the machine in the middle:
Code:
$ ssh -N -L 1234:final_machine:22 middle_machine
If you don’t get any further complains, then the tunnel was created. Then use another session to issue:
Code:
$ ssh -p 1234 localhost
and you will be connected to the final machine. Just note that for scp the option for the port is in uppercase.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Starting sshd: /etc/ssh/sshd_config line 60: garbage at end of line; "no". any clue? loba09 Linux - Server 1 02-17-2011 07:04 PM
sshd_config : ListenAddress not working michalng Linux - Networking 5 04-06-2010 06:00 PM
/etc/ssh/sshd_config: Permission Denied cK` Linux - Newbie 3 04-05-2010 11:58 PM
Remotely replaced sshd_config, CentOS 5.3/SSH 4.3p2-36el5_4.2 OffbeatAdam Linux - Security 14 11-25-2009 11:39 AM
Enabling SSH in mandrake 9.2 - sshd vs. sshd-xinetd DogTags Linux - Newbie 7 11-25-2003 12:17 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 04:13 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration