Scientific Linux Forum.org



  Reply to this topicStart new topicStart Poll

> sshd doesn't work on port 40
Massimo
 Posted: Sep 11 2014, 06:12 PM
Quote Post


SLF Newbie


Group: Members
Posts: 2
Member No.: 3211
Joined: 11-September 14









Hi everybody!

I just intalled SL 6.5, running away from ubuntu. I'm working at university and our network admin allows ssh connections only on port 40. With ubuntu I used to edit sshd_config file, restart the service and it worked, while with my SL the server doesn't start anymore if I set "Port 40". Firewall problems are excluded, as, besides openig port 40, I tried also with the firewall down. Simply, when I try to restart the service, it doesen't go up anymore. I tried with another port (9100), arbitrarily chosen, and it works. It seems to have a specific problem with the 40. Anyone has an idea? Thanks a lot in advance!

massimo
PM
^
tux99
 Posted: Sep 11 2014, 08:02 PM
Quote Post


SLF Moderator
********

Group: Moderators
Posts: 1277
Member No.: 224
Joined: 28-May 11









My guess would be SELinux blocking you from using port 40.

You will have to either disable SELiunx completely (not good as you weaken the security of your system) or learn how to tell SELinux to allow ssh to use port 40. I'm not an expert of SELinux at all so I can't help you there, but if you read up on SELinux you should be able to figure it out yourself.

https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6-Beta/html/Security-Enhanced_Linux/

--------------------
My personal SL6 repository, specialized in audio/video software: http://pkgrepo.linuxtech.net/el6/
(can be used together with EPEL and ELRepo repositories) - repository mirror: http://linuxsoft.cern.ch/linuxtech/el6/
PM
^
helikaon
 Posted: Sep 12 2014, 04:50 AM
Quote Post


SLF Administrator
*******

Group: Admins
Posts: 836
Member No.: 4
Joined: 8-April 11









QUOTE (Massimo @ Sep 11 2014, 06:12 PM)
Hi everybody!

I just intalled SL 6.5, running away from ubuntu. I'm working at university and our network admin allows ssh connections only on port 40. With ubuntu I used to edit sshd_config file, restart the service and it worked, while with my SL the server doesn't start anymore if I set "Port 40". Firewall problems are excluded, as, besides openig port 40, I tried also with the firewall down. Simply, when I try to restart the service, it doesen't go up anymore. I tried with another port (9100), arbitrarily chosen, and it works. It seems to have a specific problem with the 40. Anyone has an idea? Thanks a lot in advance!

massimo


Hi,
to understand properly -
--> Do you want to run your own SSH server and you want to let ppl connect to it? if this is the case, you need to specify the port 40 in the "/etc/ssh/sshd_config" like:
Port 40

and restart ssh:
service sshd restart

--> or do you want to connect (as client) to SSH server running on port 40? then:
ssh -p 40 username@ip-address


Also tux99 is right in regards of SELinux.
You can check quick:

CODE

[root@orionis /]# getenforce
Enforcing
[root@orionis /]# setenforce 0
[root@orionis /]# getenforce
Permissive
[root@orionis /]# setenforce 1
[root@orionis /]# getenforce
Enforcing


If you use 'setenforce 0' you turn SELinux to 'log only' mode and it will allow anything - so check if your problem is still present while condition 'Permissive'
if problem is gone then you need to tune SELinux rights, if problem still present while 'Permissive', then it is not SElinux problem and you can turn it back to 'Enforcing' just like i did i in my example

cheers,






--------------------
PMEmail Poster
^
Massimo
 Posted: Sep 12 2014, 09:09 AM
Quote Post


SLF Newbie


Group: Members
Posts: 2
Member No.: 3211
Joined: 11-September 14









Thanks tux99 and helikaon, excellent intuition! Setting SLinux on permissive, everything works fine. Now I have just to figure out how to customize SLinux properties (I don't think that living it on permisive is a good idea).

cheers
PM
^
joka
 Posted: Sep 21 2014, 11:04 AM
Quote Post


SLF Geek
****

Group: Members
Posts: 172
Member No.: 107
Joined: 28-April 11









QUOTE (Massimo @ Sep 12 2014, 10:09 AM)
Thanks tux99 and helikaon, excellent intuition! Setting SLinux on permissive, everything works fine. Now I have just to figure out how to customize SLinux properties (I don't think that living it on permisive is a good idea).

cheers

The CentOS wiki has a paractical and brief introduction to SELinux: http://wiki.centos.org/HowTos/SELinux

The command to configure port 40 as SSH port is:
CODE
semanage port -a -t ssh_port_t -p tcp 40


PM
^
0 User(s) are reading this topic (0 Guests and 0 Anonymous Users)
0 Members:

Topic Options Reply to this topicStart new topicStart Poll