EFW Support

Support => General Support => Topic started by: xwin78 on Saturday 05 December 2009, 09:58:49 am



Title: EFW 2.3 Change SSH port number
Post by: xwin78 on Saturday 05 December 2009, 09:58:49 am
Hey EFW Community!

Is there a way to change the SSH port from 22 to something else?

Thanks


Title: Re: EFW 2.3 Change SSH port number
Post by: Nabiki on Friday 12 February 2010, 11:15:41 am
I have the same question. 

I edited the /etc/ssh/ssh_config file and changed the port, but it still connects on port 22. I need to connect on 443 so I can connect through a proxy while on customers' sites.



Title: Re: EFW 2.3 Change SSH port number
Post by: Steve on Friday 12 February 2010, 11:35:57 am
Have you tried changing the port number in /etc/ssh/ssh_config.tmpl and then restarting?


Title: Re: EFW 2.3 Change SSH port number
Post by: Nabiki on Friday 12 February 2010, 04:18:12 pm
Yes. I made the change in both /etc/ssh/ssh_config.tmpl and /etc/ssh/sshd_config.tmpl, with no luck. It does change the port, but I cannot seem to get it to connect.

On port 22 it connects fine, and when I change it to 443 I was able to verify that it is listening, but I cannot get it to connect. I checked listening ports with netstat and nothing else is on 443, so it should not be a port conflict.


root@Firewall:~ # netstat -lnptu | egrep 'Proto|LISTEN' | grep 443
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name
tcp        0      0 0.0.0.0:10443               0.0.0.0:*                   LISTEN      3120/httpd
tcp        0      0 :::443                      :::*                        LISTEN      3038/sshd       


Title: Re: EFW 2.3 Change SSH port number
Post by: mrkroket on Saturday 13 February 2010, 02:03:53 am
Maybe a port forwarding from 443 to 22?


Title: Re: EFW 2.3 Change SSH port number
Post by: Nabiki on Saturday 13 February 2010, 08:16:21 am
Finally dug up the rule for anyone that is trying to do this. 

After the changes to the /etc/ssh/ssh_config.tmpl and /etc/ssh/sshd_config.tmpl, the changes can be done through the web page by "Firewall -> System Access -> Add rule". It will need to be assigned to the interfaces that you want SSH access to.

A test to make sure that this is the issue can be performed by using the iptables command from the shell to make it accept the inbound traffic. This is not persistent between reboots, so it is better to do it through the web interface.

iptables -I INPUT 1 -p tcp --dport 443 -m state --state NEW -j ACCEPT
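
The symptom in this thread (sshd listening on 443, connections still failing until an INPUT rule was added) can be told apart from a daemon that is not listening at all with a check like the one below. It is an added example, not part of the original posts or of EFW; the function names and all sample data are constructed, and it assumes rules in the `-A INPUT ...` form printed by `iptables -S INPUT` or `iptables-save`.

```shell
#!/bin/sh
# Added example. All sample data is constructed, not taken from a real firewall.
# Constructed `netstat -lnpt` lines modelled on the output quoted in the thread.
SAMPLE_NETSTAT='tcp  0  0 0.0.0.0:10443  0.0.0.0:*  LISTEN  3120/httpd
tcp  0  0 :::443  :::*  LISTEN  3038/sshd'

# Constructed INPUT chain before and after the ACCEPT rule from the thread.
RULES_BEFORE='-P INPUT DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 10443 -j ACCEPT'
RULES_AFTER='-P INPUT DROP
-A INPUT -p tcp -m tcp --dport 443 -m state --state NEW -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT'

# Print the program listening on exactly tcp port $2 (nothing if none).
# Comparing the text after the last ":" avoids the 10443 match that a
# plain `grep 443` produces.
listener_on() {
    printf '%s\n' "$1" | awk -v port="$2" '
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            n = split($4, a, ":")
            if (a[n] == port) { split($7, p, "/"); print p[2]; exit }
        }'
}

# Succeed if some INPUT rule accepts tcp traffic to port $2.
# Simplification: rule order and interface/source matches are ignored.
input_accepts() {
    printf '%s\n' "$1" | awk -v port="$2" '
        $1 == "-A" && $2 == "INPUT" {
            tcp = 0; dport = ""; target = ""
            for (i = 3; i <= NF; i++) {
                if ($i == "-p" && $(i+1) == "tcp") tcp = 1
                if ($i == "--dport") dport = $(i+1)
                if ($i == "-j") target = $(i+1)
            }
            if (tcp && dport == port && target == "ACCEPT") found = 1
        }
        END { exit (found ? 0 : 1) }'
}

# Classify port $3 given netstat text $1 and rule text $2.
diagnose() {
    prog=$(listener_on "$1" "$3")
    if [ -z "$prog" ]; then echo "not-listening"
    elif input_accepts "$2" "$3"; then echo "accept-rule-present:$prog"
    else echo "listening-but-filtered:$prog"
    fi
}
diagnose "$SAMPLE_NETSTAT" "$RULES_BEFORE" 443
diagnose "$SAMPLE_NETSTAT" "$RULES_AFTER" 443
```

On a live system the two text arguments would come from `netstat -lnpt` and the INPUT chain listing instead of the constructed samples.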