PHP Developers Network
http://forums.devnetwork.net/

Changing SSH port but flush and reset iptables too
http://forums.devnetwork.net/viewtopic.php?f=34&t=141207
Page 1 of 1

Author:  bowlesj [ Wed Apr 15, 2015 2:37 pm ]
Post subject:  Changing SSH port but flush and reset iptables too


Author:  requinix [ Wed Apr 15, 2015 3:49 pm ]
Post subject:  Re: Changing SSH port but flush and reset iptables too

Don't need a script for it. Personally, I'd rather execute the commands by hand.

Keep in mind that once you've established an SSH session, it will continue even if:
a) You restart sshd. Doing that only restarts the daemon which handles incoming connections and won't affect the child process your connection is actually using.
b) You restart sshd on a new port. Port 22/2222 is only for new connections; once connected you begin using a completely different port.
c) You reload iptables with a new configuration. Your existing connection (which is on neither port 22 nor port 2222) will continue as iptables is pretty much always configured to allow existing connections and only really filters new connections.

CentOS I assume? As root/with sudo, obviously, here's the general sequence of steps:
1. Use "service iptables save" to save the current iptables rules to /etc/sysconfig/iptables, which then gets loaded automatically on startup.
2. Go into that file, find the rule which allows SSH connections, and change it to use the new port. You may want to make a backup first.
3. Reload the rules with "iptables-restore </etc/sysconfig/iptables".
4. Set the SSH daemon to the new port, (possibly make a backup,) and restart it.
5. Try a second SSH session with the new port to see if you can connect.
6. If that doesn't work then undo your changes/restore the backups, apply the changes, and then find out what went wrong.
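
Steps 2 and 4 of the sequence above as shell functions, an added example rather than code from this thread: it edits copies of the rules file and sshd_config (constructed samples here, not the live /etc/sysconfig/iptables or /etc/ssh/sshd_config), keeps a backup of each, and checks that both files name the same new port before you trust step 5. The function names and sample file contents are assumptions.

```shell
#!/bin/sh
# Rewrite the SSH port in a saved iptables rules file and in sshd_config, with backups.
# Reloading the rules and restarting sshd are left to the steps in the post.
set -eu

# Replace the port on the tcp ACCEPT rule in an iptables-save style file (step 2).
rewrite_iptables_port() { # usage: rewrite_iptables_port FILE OLDPORT NEWPORT
    cp "$1" "$1.bak"
    sed -E "s/(-p tcp .*--dport )$2( .*-j ACCEPT)/\1$3\2/" "$1" > "$1.tmp"
    mv "$1.tmp" "$1"
}

# Set (or add) the Port directive in an sshd_config file (step 4).
rewrite_sshd_port() { # usage: rewrite_sshd_port FILE NEWPORT
    cp "$1" "$1.bak"
    if grep -qE '^#?[[:space:]]*Port[[:space:]]' "$1"; then
        sed -E "s/^#?[[:space:]]*Port[[:space:]].*/Port $2/" "$1" > "$1.tmp"
    else
        { cat "$1"; printf 'Port %s\n' "$2"; } > "$1.tmp"
    fi
    mv "$1.tmp" "$1"
}

# Precondition for step 5: the rules admit NEWPORT and sshd is set to listen on it.
# Prints "ok" and returns 0 only when both files agree; otherwise returns 1.
ports_agree() { # usage: ports_agree RULESFILE SSHDCONFIG NEWPORT
    grep -qE -- "--dport $3 .*-j ACCEPT" "$1" || return 1
    grep -qE "^Port[[:space:]]+$3\$" "$2" || return 1
    echo ok
}

# Constructed sample files standing in for the real ones; moves SSH from 22 to 2222.
demo() {
    d=$(mktemp -d)
    cat > "$d/iptables" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
    printf '#Port 22\nPermitRootLogin no\n' > "$d/sshd_config"
    rewrite_iptables_port "$d/iptables" 22 2222
    rewrite_sshd_port "$d/sshd_config" 2222
    ports_agree "$d/iptables" "$d/sshd_config" 2222
}
```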

Author:  bowlesj [ Wed Apr 15, 2015 5:29 pm ]
Post subject:  Re: Changing SSH port but flush and reset iptables too

Thanks requinix. You have answered a lot of questions I was wondering about, which takes the fear out of it. I am going to give it a run tomorrow morning when I am more alert. I basically use the script (with heavy comments on anything I learn that is new) so I can go back and look things up and also have a place to add more comments as I pick up more info.
John

Author:  bowlesj [ Thu Apr 16, 2015 9:51 am ]
Post subject:  Re: Changing SSH port but flush and reset iptables too

I got it to work. I had made a mistake in switching off passwords and they were not actually off, but this round of tests caught the problem so I fixed that too. So it is fully working on keys now. I will check the /var/log/secure file later. I am looking forward to seeing all these root password login attempts gone. It looks like they are gone now. Thanks for everyone's help.

Author:  bowlesj [ Fri Apr 17, 2015 7:03 am ]
Post subject:  Re: Changing SSH port but flush and reset iptables too

I just checked the /var/log/secure file and it is now completely clear of failed login attempts even though I turned off fail2ban. The only entries are for my logging in and out. I turned off fail2ban because it seems to be unneeded now and it was creating unwanted messages in the maillog file.
