On 13 January 2014 14:52, Matthew Miller <mattdm@xxxxxxxxxxxxxxxxx> wrote:
On Sun, Jan 12, 2014 at 12:24:55PM -0500, Jim wrote:Either you put it there or someone else did. The default, of course, is 22.
> >I've not seen where you've posted or indicated that you changed the "Port" parameter in /etc/ssh/sshd_config.
> I went into /etc/ssh/sshd_config. and changed the port from 35881 to 7777
> and restarted sshd , what puzzels me is how the setiing of port 35881 got
> in /etc/ssh/sshd_config.
And just to make it clear binding on a port greater than 1024 is a very bad idea since anything can bind >1024 but only root can bind less than 1024.
With your setup if something crashed sshd (via random corruption or exploit) then an attacker would be able to start listening on that port and then use it to grab credentials etc.
If you want to use a port other than 22 pick something below 1024 ... or in the alternative have it bind to 22 but have the firewall redirect a higher port to 22 ...
Did you disable selinux or did you add your high port to the list of allowed ports? usually selinux will block that ...
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
