Change SSH Port - Broken

[mockingbird]

The first thing you want to do after installation is change the SSH port right?

So go into /etc/sshd/sshd_config and uncomment the port line.

Next, reflect this change in CSF... Wait, DirectAdmin will do this automatically for you.

This list is replaced, if present, by "Port" definitions in
/etc/ssh/sshd_config
PORTS_sshd = 22 (restricted UI item)

NOT!

This feature is broken. This was not automatically changed for me and I had to manually edit csf.conf and do it myself. Either eliminate the feature by allowing the field to be edited or please fix this! Thanks

 

[Active8]

I can assure you this works (ubuntu 24.04) ,
Just installed an new server few days ago and new SSH port was automatically detected along with the port 22 in CSF

 

[Richard G]

This feature is broken.

Sorry. But this is not a DA feature. If I'm correct you will find that line somewhere at the bottom of the csf.conf file.
I've never seen this working correctly, not sure what it should do, but I've always changed the SSH port in the csf.conf file manually. Even way before Directadmin started to install CSF by default.

If you want this fixed, you might also ask over at configserver which are the creators of CSF.

@Active8 Yes on installation always. So I always first change my SSH port before installing Directadmin and then I don't need to add it manually anymore. But after installation, one has to do it manually.

 

[copernic]

Je peux vous assurer que cela fonctionne (ubuntu 24.04),
Je viens d'installer un nouveau serveur il y a quelques jours et le nouveau port SSH a été automatiquement détecté avec le port 22 dans CSF

ssh management has improved in ubuntu 24.04
You need to do the following (I did this before DA was installed)

1. modify port in /etc/ssh/sshd_config
2. change port in /lib/systemd/system/ssh.socket
3. check that ufw is disabled, then restart ssh (not sshd)
4. run: systemctl daemon-reload
5. run: systemctl restart ssh.socket
6. check that the new port is taken into account: netstat -tlpn| grep ssh

 

[Richard G]

2. change port in /lib/systemd/system/ssh.socket

This could be changed back after a system update, so better not to directly edit it there. Better is to create an override file.

I found this:

To change the port of the SSH server, the systemd configuration for ssh.socket must be changed or supplemented. The configuration adjustment is made by creating a *.conf file in the directory /etc/systemd/system/ssh.socket.d/ directory.

1. Create conf file to extend the default config:
   systemctl edit ssh.socket
   or
   vim /etc/systemd/system/ssh.socket.d/override.conf
   
   [Socket>
   ListenStream=
   ListenStream=1234
   The line ListenStream= is required that port 22 is no longer used. Without this line, the SSH server would then be accessible via port 22 (default) and 1234.
2. Restart the socket:
   systemctl restart ssh.socket

Even if you only do the systemctl edit ssh.socket, still verify the override file as you need to disable the first listenport 22 by that empty line.