We have moved to a new Sailfish OS Forum. Please start new discussions there.
5

How to configure sshd to listen on a different port?

asked 2013-12-28 04:08:53 +0200

updated 2014-01-20 13:17:25 +0200

lk gravatar image

I want to configure sshd to listen on a different port (above 1000). I already edited /etc/ssh/sshd_config:

[...]
Port 40233
[...]

But either reboot, nor restart of service sshd.service seems to be changing the port(stopping of sshd.service does nothing in fact, open ssh-connections were still working)

edit retag flag offensive close delete

Comments

I actually changed the port like you described it and after I restarted the ssh service I had to use the new port just as expected. EDIT: OK so appearently it worked for me because I actually started sshd instead of restarting it - after a reboot the changed port failed for me of course.

t4k1t ( 2013-12-28 12:52:06 +0200 )edit
1

yeah then you had systemd listening on port 22 and sshd on port 40233 for the moment. But I guess that's not what he wanted.

Kontio ( 2013-12-28 13:15:34 +0200 )edit

1 Answer

Sort by » oldest newest most voted
14

answered 2013-12-28 13:02:11 +0200

Kontio gravatar image

updated 2013-12-28 13:13:34 +0200

In Sailfish OS sshd does not run in daemon mode (there is no need to waste memory for that all the time on a phone!). The process listening on port 22 is init resp. systemd, which on incoming tcp connections on port 22 launches sshd in inetd mode. So changing /etc/ssh/sshd_config does not do anything.

If you want to change the port you have to edit /lib/systemd/system/sshd.socket change ListenStream=22 to ListenStream=40233, then do:

systemctl --system daemon-reload

check with netstat that it's listening on port 40233 now:

netstat -tanpou| grep 40233
tcp        0      0 :::40233                    :::*                        LISTEN      1/init              off (0.00/0/0)

That stopping/restarting sshd does not disconnect current session is normal (in this case specially, but also when ran in daemon mode), imagine how many sysadmins would have locked out them self from a machine, when updating sshd or changing the config of sshd which might also lock them out?!

Update: If you don't want that each update overwrites the setting, you might want to copy /lib/systemd/system/sshd.socket to /etc/systemd/system.

edit flag offensive delete publish link more
Login/Signup to Answer

Question tools

Follow
7 followers

Stats

Asked: 2013-12-28 04:08:53 +0200

Seen: 2,366 times

Last updated: Dec 28 '13