Change ssh port in Fedora Server 29

asked 2018-11-18 07:37:18 -0600

c.monty

Hi, I have completed a fresh installation of Fedora Server 29. In the installation wizard I selected "basis installation".

Now I want to modify the ssh port.

However, after modifying /etc/ssh/sshd_config I cannot start the sshd service.

```
[root@ipa ~]# journalctl -xe
Nov 18 14:06:47 ipa.biszumbitterenen.de sshd[792]: error: Bind to port 22200 on :: failed: Permission denied.
Nov 18 14:06:47 ipa.biszumbitterenen.de systemd[1]: Stopping sshd-keygen.target.
-- Subject: Unit sshd-keygen.target has begun shutting down
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit sshd-keygen.target has begun shutting down.
Nov 18 14:06:47 ipa.biszumbitterenen.de sshd[792]: fatal: Cannot bind any address.
Nov 18 14:06:47 ipa.biszumbitterenen.de systemd[1]: Reached target sshd-keygen.target.
-- Subject: Unit sshd-keygen.target has finished start-up
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit sshd-keygen.target has finished starting up.
--
-- The start-up result is done.
Nov 18 14:06:47 ipa.biszumbitterenen.de systemd[1]: Starting OpenSSH server daemon...
-- Subject: Unit sshd.service has begun start-up
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit sshd.service has begun starting up.
Nov 18 14:06:47 ipa.biszumbitterenen.de systemd[1]: sshd.service: Main process exited, code=exited, status=255/n/a
Nov 18 14:06:47 ipa.biszumbitterenen.de systemd[1]: sshd.service: Failed with result 'exit-code'.
Nov 18 14:06:47 ipa.biszumbitterenen.de systemd[1]: Failed to start OpenSSH server daemon.
-- Subject: Unit sshd.service has failed
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit sshd.service has failed.
--
-- The result is failed.
```

Obviously there's an error binding sshd to port 22200.

I have never experienced this issue with other Linux distributions.

Please advise. THX


2 Answers


answered 2018-11-18 10:00:34 -0600

hhlp

updated 2018-11-18 10:05:59 -0600

Dear @c.monty,

  1. Disabling the tools is not a good idea; they are there for a purpose.
  2. You can select another port; find one here -> tcp-udp-port-finder.
  3. You had to edit the /etc/ssh/sshd_config file, but you also have to:

Message -> The problem is the following: you have not authorized SELinux to use that port.

```
semanage port -a -t ssh_port_t -p tcp xxxxx
semanage port -l | grep ssh_port_t
```

NOTE: if you can't find this command, install policycoreutils-python-utils.

Then the local FirewallD is assumed to have been setup to allow the ssh service. The service definition for ssh needs to be updated to allow traffic through on the new port:

```
sudo firewall-cmd --permanent --service="ssh" --add-port "xxxxx/tcp"
```

The configuration changes are now in place and you can reload the services to make them take effect:

```
sudo firewall-cmd --reload
sudo systemctl reload sshd
```

You should disconnect and reconnect to the server on the new port (ssh -p xxxxx user@example.com). You may be disconnected after running the previous command. After verifying that the new port is accessible, we remove the default SSH port 22 from the firewall configuration to reject future connections to the old port:

```
sudo firewall-cmd --permanent --service="ssh" --remove-port "22/tcp"
sudo firewall-cmd --reload
```

Regards,

If you have any problem, paste your sshd_config and update your post.

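A pre-flight check for the procedure in the answer above, written as an added example that is not part of the original answer: it confirms that every port in sshd_config is labelled ssh_port_t and listed in firewalld's ssh service before sshd is restarted. The function names are hypothetical, the parsers assume the usual column layout of `semanage port -l`, and only /etc/ssh/sshd_config itself is read.

```shell
#!/bin/sh
# Added example, not from the thread; function names are hypothetical.
# Parsers read command output on stdin so they also work on captured text.

# Ports set by "Port" directives in sshd_config; sshd defaults to 22 if none.
sshd_ports() {
    awk 'tolower($1) == "port" && $2 ~ /^[0-9]+$/ { print $2; n++ }
         END { if (!n) print 22 }'
}

# Succeeds if TCP port $1 is inside an entry or range labelled ssh_port_t
# in `semanage port -l` output (assumed layout: type, proto, port list).
selinux_allows() {
    awk -v want="$1" '
        $1 == "ssh_port_t" && $2 == "tcp" {
            for (i = 3; i <= NF; i++) {
                gsub(/,/, "", $i)
                n = split($i, r, "-")
                if (want + 0 >= r[1] + 0 && want + 0 <= r[n] + 0) ok = 1
            }
        }
        END { exit !ok }'
}

# Succeeds if "$1/tcp" is in the space-separated list printed by
# `firewall-cmd --permanent --service=ssh --get-ports` (exact match only).
firewall_allows() {
    tr ' ' '\n' | grep -qxF "$1/tcp"
}

# Live check: run as root before restarting sshd; non-zero means a gap.
preflight() {
    rc=0
    for p in $(sshd_ports < /etc/ssh/sshd_config); do
        semanage port -l | selinux_allows "$p" ||
            { echo "port $p: not labelled ssh_port_t (SELinux denies bind)"; rc=1; }
        firewall-cmd --permanent --service=ssh --get-ports |
            firewall_allows "$p" ||
            { echo "port $p: missing from firewalld ssh service"; rc=1; }
    done
    return "$rc"
}
```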

answered 2018-11-18 08:08:28 -0600

Rabin

Temporarily try disabling SELinux with setenforce 0 and restart the service. If it works, then it's probably SELinux preventing sshd from listening on a port which is not 22. You can solve this by checking the audit log and using the audit2allow tools to build a custom rule; read about it here.
