Re: SSH on two ports
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Martin Hermanowski wrote:
> On Sat, Jan 14, 2006 at 01:58:55PM +0100, Michael Przysucha wrote:
>
>>Hello,
>>
>>I want to use ssh on two ports, 22 (standart) and 666. Can anybody tell how to configure it? My first thought was to
>>simply add the second port nubmer in the configuration but did not work. Second was to set up iptables route the port
>>but seems to be a bit to oversized!?
>>
>>I use Debian 2.4.27-2-386, running openSSH. The machine is located behind a NAT-router and I do not want to open
>>port 22 due to beeing attaced continiously by ssh-scans.
>>I do need port 22 for internal use, 666 or any other port would be my outbound port for accessing the system from the
>>internet.
>>
>>Does anyone hay an idea how to solve the problem?
>
>
> If you are already using iptables, I would suggest to REDIRECT port 666
> to port 22.
>
> You could also run rinetd, but then you would lose the source
> information.
>
Port Forward port 666 on the NAT-Router to port 22 on your local machine.
This may be the same as parent, but I wasn't sure if he was talking on the
NAT-router or local machine, so I thought I'd rephrase it with my words.
I port forward a couple different ports on my firewall to internal machines, but
I can still hit them on 22 internally....
- --
- --------------------------------------------------------------------------------
Always leave room to add an explanation if it doesn't work out.
Saturday Jan 14, 2006
- --------------------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iQEVAwUBQ8kmCK3rZxntQpytAQLmLgf/bTyJMppBvB4L81wCxVke920QSKePfuPf
SIEDIdkU3/nzsAWJLE+DruSkejdQYfLYqpYmSsvOnBCdnXOXy51Iop+ZRx/8EimV
5TGQ9FbBpbLRLhsYWZ188v5c4zF5mLd7jY926qJn5gumExg4gMkGFHAQLNJVi1/I
MXxDpEbHPjbZI26nd4Yj6s9gNLBdlHTfLcbifFxsnENRraNQIh1QcIMQ++9BVvQJ
3bsCJO6Ld5tYzZHFtAIeBgWaS9/Ykv2r2Uw+z8vjv9nwewqXXs0ShqYIEmVCT5pO
Bwjk25sijUP0bMisgtgezIq1QgiY0Jmh3Rj/QyUYtlzKZJhnlGm3tA==
=IkAN
-----END PGP SIGNATURE-----
Reply to: