Enable SSH access through more than one port

Alejandro (a.k.a KZKG^Gaara)

1 minute

I explained some time ago how to configure the SSH service to work on a different port than 22, which is the default port. The objective of this was that all bots, cracking attacks to SSH are by default to port 22 (which I repeat, is the default), so by changing the port we will obtain more security.

But what to do if I want to configure SSH through another port BUT keeping SSH also on port 22? That is, having the need for the server to have SSH on more than one port, say for example on 22 and also on 9122

For this we modify the configuration file of the SSH daemon:

The following commands must be executed with administrative privileges, either with the root user or using the sudo command before the commands

nano /etc/ssh/sshd_config

There we will see something like this:

sshd_config_default

You will see that on line 5 there is something that says: "Port 22", well, we just have to duplicate that line below and change the port number. In other words, for our SSH service to also work for 9122 we must leave it like this:

sshd_config_mod

Then we must restart the service:

service ssh restart

If they use Arch it would be:

systemctl restart sshd

When you want to connect through a port other than 22 remember, you must add -p $ PORT in the connection line, something like this:

ssh usuario@servidor -p 9122

By the way, I recommend you check the sshd_config file from before, there are some very interesting options 😉

regards


Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: Miguel Ángel Gatón
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.

  1.   Rodrigo Pichiñual said
    ago 10 years

    Good tips to change the default port of ssh ... to prevent attacks on port 22.

    I think that only one port should be left ... and this has to be different from 22 so that the attacks have no effect.

    regards

    Reply to Rodrigo Pichiñual
    1.    KZKG ^ Gaara said
      ago 10 years

      Thanks for reading 🙂

      Reply to KZKG ^ Gaara
  2.   dhunter said
    ago 10 years

    My latest findings have been:

    PermitRootLogin on
    y
    AllowUsers john jack chester…. etc

    With this I limit enough the possibilities of cracking, if you add a good iptables ... well we are.

    Reply to dhunter
    1.    KZKG ^ Gaara said
      ago 10 years

      In fact, I prefer to use PortKnocking 😀

      Reply to KZKG ^ Gaara
  3.   cr0t0 said
    ago 10 years

    As always KZKG ^ Gaara, excellent your articles on SSH. With your guides we are losing the fear of TERMINAL

    Reply to cr0t0
    1.    KZKG ^ Gaara said
      ago 10 years

      Thank you

      Reply to KZKG ^ Gaara
  4.   Nebuchadnezzar said
    ago 10 years

    OOOOOOOOhhhh !!!!

    Reply to Nebuchadnezzar
  5.   federico said
    ago 10 years

    Very good article, wild !!!

    Reply to federico
  6.   Chris said
    ago 10 years

    Apart from changing the port number, to further limit the attacker's options it is also recommended to disable the login with USER: PASS

    Password Authentication no

    and use private / public key authentication.

    Good post.

    Salu2

    Reply to Chris