how to change my SSH port ?

[FileSick]

hi

i used someone to change the port you use to connect to your SSH to reduce the brute force attack i'm getting and right now i want to change it again so could you please tell me how to change it like could you please give me the commands i'm gonna use to change the port please

waiting for your respond

 

[rpereyra]

hi

with centos you should edit this file:

/etc/ssh/sshd_config

change and uncomment

#Port 22

and restart sshd

(before check your firewall with the new port)

service sshd restart

roberto

 

[nobaloney]

To which I'll add: Be sure to check logging in with the new settings before you close your current shell session, or you may lose access to your server if you've made a mistake.

Jeff

 

[FileSick]

thank you so much for both of you ,you are so great

but still don't know what to type and what to do could you please explain more

waiting for your respond

 

[nobaloney]

I hate to be the bearer of bad news, but if you really can't follow the instructions posted by user rpereyra, then I'd suggest you find someone who can do it for you; playing with ssh is just too risky unless you have a high degree of confidence for what you need to do at the command line.

Are you at a loss for an editor to use? If you don't know how to use a command line editor I'd suggest that editing sshd.conf is likely not a good way to learn. Too risky.

What specifically don't you understand?

Jeff

 

[zEitEr]

thank you so much for both of you ,you are so great

but still don't know what to type and what to do could you please explain more

waiting for your respond

Jeff is right, if don't know the basics then you'd better find someone who can do it for you.

Anyway, at admin level there is a File Editor in Directadmin, which can be used for editing /etc/ssh/sshd_config as well. Also sshd can be restarted in Directadmin interface. Of course you should update your firewall settings, and unless you are using CSF/LFD there is no a default way to update it's rules in Directadmin. But you also can use File Editor for that (it's a long way though), so you'd better open a SSH session and do all the things there as it was already mentioned above by Roberto. You might want install mc from packages of your distro and use it for navigating and other actions in SSH.

And if your SSH fails to start, there are still several ways to recover it: through Directadmin (of course you should have root password), through IP KVM (if it's a dedicated/collocated server), through virtual console (if it's a VPS).

Please feel free to contact any of us here for a quote if you want a private assistance.

related:

http://help.directadmin.com/item.php?id=10

 

[FileSick]

thank you so much for your great responses

it's not that i didn't use SSH before or anything but i just don't know the commands needed to change my port and the best way to teach me how to do it is to simply type the commands i'm gonna need in steps for example

step 1 : (the command)
step 2 : ...... etc

and thank you so much for all of you for taking the time to help me

waiting for your responds

 

[zEitEr]

All the steps were already written, if you need more details on each steps, then you'd better start learning Linux Administrating Bases, which are not the subject if these forums.

 

[FileSick]

no it's okay but still there one small thing about this line

"(before check your firewall with the new port)"

what does that mean and how to check my firewall

waiting for your respond

 

[zEitEr]

Nobody but you should know if you are running a firewall or not. Or probably you are using a hardware firewall offered by your hosting company, or whatever else . You did not specify your OS name, so nobody would want to guess it.

Try

iptables --list

on CentOS/Ubuntu/Debian

and

ipfw show

on FreeBSD.

Even if the output of the commands is empty or faulty, it might be not the answer. That's why you were suggested to try to connect to the SSH on the new port, before closing the existing connection.

Might be helpful:

http://help.directadmin.com/item.php?id=527
http://whatismyipaddress.com/firewall

 

[FileSick]

so sorry i didn't

i am using centos and i'm using CSF firewall and there is another firewall sending me emails every second called lfd

waiting for your respond

 

[dmacleo]

so in csf in ipv4 settings add the port you WANT to use for ssh in the tcp in and out ports and save that, csf will ask you to restart it, press the button it will.
then what I do is use ftp and download the file /etc/ssh/sshd_config.
I then rename the downloaded one /etc/ssh/sshd_config.BAK and upload and then download the /etc/ssh/sshd_config again.
this can be done though ssh but I have typing issues so this prevents errors.
so on the downloaded /etc/ssh/sshd_config I open it with a good text editor.
one of the lines up near the top says #Port 22.
uncomment means delete the #.
the change the 22 to the port you WANT.
for example if you wanted to use port 99 you would have the line read Port 99
also make sure to choose a port NOT used by anything else.
upload the edited /etc/ssh/sshd_config file and, while still connected to ftp and ssh on port 22, in directadmin services restart the ssh service.
open a new ssh instance and see if you can login using your normal user/passwords but the new port you chose.
if so you are good, you've changed the ssh port.

 

[nobaloney]

i am using centos and i'm using CSF firewall and there is another firewall sending me emails every second called lfd

You should definitely remove the lfd firewall. You should not run two firewall scripts at the same time.

I believe that CSF includes a sfript which can be run to remove the LFD firewall.

Jeff

 

[dmacleo]

You should definitely remove the lfd firewall. You should not run two firewall scripts at the same time.

I believe that CSF includes a sfript which can be run to remove the LFD firewall.

Jeff

I think the person may have been describing the csf Login Failure Daemon

thts what I would think would be sending those emails.

 

[zEitEr]

LFD is a part of CSF, that is not a separate firewall, I'd rather admit.

 

[Richard G]

That's correct. It's also the reason why it's oftel called CSF/LFD.
CSF = ConfigServer Firewall
LFD = Logon Failure Daemon.

They belong together and LFD is part of (and configured via) CSF.

 

[nobaloney]

Thanks. Somehow I got confused. As a friend of mine used to say, "I got my tongue caught in my eye-tooth and I couldn't see what I was saying."



Jeff