PHP Developers Network


All times are UTC - 5 hours




Posted: Wed Apr 15, 2015 2:37 pm

Posted: Wed Apr 15, 2015 3:49 pm
Don't need a script for it. Personally, I'd rather execute the commands by hand.

Keep in mind that once you've established an SSH session, it will continue even if:
a) You restart sshd. Doing that only restarts the daemon which handles incoming connections and won't affect the child process your connection is actually using.
b) You restart sshd on a new port. Port 22/2222 is only for new connections; once connected you begin using a completely different port.
c) You reload iptables with a new configuration. Your existing connection (which is on neither port 22 nor port 2222) will continue as iptables is pretty much always configured to allow existing connections and only really filters new connections.

CentOS I assume? As root/with sudo, obviously, here's the general sequence of steps:
1. Use "service iptables save" to save the current iptables rules to /etc/sysconfig/iptables, which then gets loaded automatically on startup.
2. Go into that file, find the rule which allows SSH connections, and change it to use the new port. You may want to make a backup first.
3. Reload the rules with "iptables-restore </etc/sysconfig/iptables".
4. Set the SSH daemon to the new port, (possibly make a backup,) and restart it.
5. Try a second SSH session with the new port to see if you can connect.
6. If that doesn't work then undo your changes/restore the backups, apply the changes, and then find out what went wrong.
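
The sequence from this reply as a script, added here as an example and not part of the original post: it edits the saved rules and sshd_config with backups, validates both files, and only then reloads anything. The function names, the `--apply` switch and the old port being 22 are assumptions.

```shell
#!/bin/bash
# Added example, not from the thread. Assumes GNU sed (as on CentOS).

# Step 2: back up the saved rules, then move the SSH ACCEPT rule to NEW.
# Refuses to edit unless exactly one ACCEPT rule names the OLD port.
move_fw_port() {
    local rules="$1" old="$2" new="$3" n
    n=$(grep -cE -- "--dport ${old}( |\$).*-j ACCEPT" "$rules" || true)
    [ "$n" = 1 ] || { echo "want 1 ACCEPT rule for port $old, found $n" >&2; return 1; }
    cp -p "$rules" "$rules.bak" || return 1
    sed -i -E "/-j ACCEPT/ s/--dport ${old}( |\$)/--dport ${new}\\1/" "$rules"
}

# Step 4: back up sshd_config, set Port on the first (possibly commented)
# Port line, comment out later ones; fails if there is no Port line.
move_sshd_port() {
    local conf="$1" new="$2"
    cp -p "$conf" "$conf.bak" || return 1
    awk -v p="$new" '
        /^[ \t]*#?[ \t]*Port[ \t]+[0-9]+/ {
            if (!done) { print "Port " p; done = 1 } else print "#" $0
            next
        }
        { print }
        END { exit !done }' "$conf.bak" > "$conf"
}

# Step 6: restore every named file that has a .bak beside it.
rollback() {
    local f
    for f in "$@"; do
        if [ -f "$f.bak" ]; then cp -p "$f.bak" "$f"; fi
    done
}

# Live run as root: script --apply NEW_PORT (old port assumed to be 22).
if [ "${1:-}" = "--apply" ]; then
    fw=/etc/sysconfig/iptables conf=/etc/ssh/sshd_config new="$2"
    service iptables save || exit 1                                # step 1
    move_fw_port "$fw" 22 "$new" || exit 1                         # step 2
    move_sshd_port "$conf" "$new" || { rollback "$fw"; exit 1; }   # step 4 (edit)
    # Validate both files before touching anything live.
    if ! iptables-restore --test < "$fw" || ! sshd -t -f "$conf"; then
        rollback "$fw" "$conf"; exit 1
    fi
    iptables-restore < "$fw" && service sshd restart || exit 1     # steps 3, 4
    echo "Keep this session open; test with: ssh -p $new <host>"   # step 5
fi
```

If SELinux is enforcing, the new port also has to be added to `ssh_port_t` with `semanage port` before sshd can bind to it; `sshd -t` does not catch that.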


 
Posted: Wed Apr 15, 2015 5:29 pm
Thanks requinix, you have answered a lot of questions I was wondering about, which takes the fear out of it. I am going to give it a run tomorrow morning when I am more alert. I basically use the script (with heavy comments on anything I learn that is new) so I can go back and look things up and also have a place to add more comments as I pick up more info.
John


 
Posted: Thu Apr 16, 2015 9:51 am
I got it to work. I had made a mistake in switching off passwords and they were not actually off, but this round of tests caught the problem, so I fixed that too. So it is fully working on keys now. I will check the /var/log/secure file later. I am looking forward to seeing all these root password login attempts gone. It looks like they are gone now. Thanks for everyone's help.


 
Posted: Fri Apr 17, 2015 7:03 am
I just checked the /var/log/secure file and it is now completely clear of failed login attempts even though I turned off fail2ban. The only entries are for my logging in and out. I turned off fail2ban because it seems to be unneeded now and it was creating unwanted messages in the maillog file.

