How to make Fedora Cloud 23 listen on two ssh ports?

asked 2015-09-22 22:48:16 +0000

WillyNolan

updated 2015-09-23 03:24:43 +0000

Hi,

I am trying to make my server listen on a non-default port (50505 - could be anything). I have taken every single step imaginable but -- to be safe -- I have left SSH running on the default port of 22 as well.

Here is what I have done:

  • First I edited the file ~/.ssh/.sshd_config. I added a line Port 50505 below the line that says Port 22
  • Then I switched to the root user and ran systemctl restart sshd
  • Then I ran setenforce 0

I also ran semanage port -a -t ssh_port_t -p tcp 50505

None of these things seem to have an impact. My connection still immediately connects on port 22, but times out on port 50505.

I have toggled accept password on and off so I know that sshd is being restarted. Also I used netstat -tulp and I get the following result:

tcp        0      0 0.0.0.0:50505           0.0.0.0:*               LISTEN      -                   
tcp        0      0 0.0.0.0:ssh             0.0.0.0:*               LISTEN      -                   
tcp6       0      0 [::]:50505              [::]:*                  LISTEN      -                   
tcp6       0      0 [::]:ssh                [::]:*                  LISTEN      -                   
udp        0      0 0.0.0.0:bootpc          0.0.0.0:*                           -                   
udp        0      0 0.0.0.0:15220           0.0.0.0:*                           -

However, everything to ssh on port 50505 times out. Running ssh #host#hostname# -p50505 returns:

debug1: Reading configuration data /Users/Startec/.ssh/config
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug1: /etc/ssh_config line 53: Applying options for *
debug1: Connecting to hostname.com [ipaddress] port 50505.

Before timing out.

The output of iptables -L is:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere             state NEW tcp dpt:50505

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Any suggestions here?

Comments

Welcome to ask.fedora! I'd like to point out that this list is for currently-supported versions of Fedora and F 23 hasn't even reached beta status as yet. You may need to take this to the appropriate mailing list, but I'm leaving this question open because the answer might very well not be version-related. If you do get this working, please let us know so that others can also learn.

sideburns ( 2015-09-22 23:02:54 +0000 )

F23 beta release was today, @sideburns :)

randomuser ( 2015-09-22 23:17:15 +0000 )

@WillyNolan, can you login to the instance and ssh to localhost on that port? What about to the external IP from the instance? A firewall on the instance or in your cloud environment would prevent this.

randomuser ( 2015-09-22 23:18:43 +0000 )

Thank you; I don't use beta-versions, so I hadn't noted the release. Still, it might help checking with the test list to see if there's anything version-specific involved.

sideburns ( 2015-09-22 23:50:53 +0000 )

@randomuser I can indeed ssh via localhost on that port when I am already logged into the instance, but I cannot when using the external IP. Your suggestion is that there could be a firewall problem? Could you tell me what to check? It doesn't look like firewalld is installed.

WillyNolan ( 2015-09-23 01:11:33 +0000 )

1 answer

2

answered 2015-09-23 03:53:30 +0000

Everything says policy ACCEPT and there are no rules after to change that. Your cloud provider is blocking the port; this is common in a cloud environment.

Comments

1

@randomuser It was indeed the settings on my AWS networking. Thank you for the help!

WillyNolan ( 2015-09-23 04:00:13 +0000 )
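
The triage the comments and the answer walk through (is sshd listening on a non-loopback address, does a local connection work, can the host's INPUT chain drop anything, does the remote attempt time out), as an added shell example that is not part of the original thread. The function names and result labels are this example's own, and the sample input is constructed to mirror the question in numeric form.

```shell
#!/bin/sh
# Added example (names and labels are its own): locate where an inbound TCP port is blocked.
# listen_scope PORT  (stdin: `netstat -tln` or `ss -tln` output)
# Prints "any", "loopback" or "none".
listen_scope() {
    awk -v port="$1" '
        /LISTEN/ { for (i = 1; i <= NF; i++) if ($i ~ (":" port "$")) {
            addr = $i; sub(/:[0-9]+$/, "", addr)   # local address without port
            if (addr ~ /^127\./ || addr == "::1" || addr == "[::1]") {
                if (scope == "") scope = "loopback"
            } else scope = "any"
            break
        } }
        END { print (scope == "" ? "none" : scope) }'
}

# input_can_block  (stdin: `iptables -L -n` output)
# Prints "yes" if INPUT has a DROP policy or a DROP/REJECT rule, else "no".
# Limitation: jumps into user-defined chains are not followed.
input_can_block() {
    awk '
        /^Chain / { in_input = ($2 == "INPUT") }
        in_input && /^Chain / && /policy DROP/        { hit = 1 }
        in_input && ($1 == "DROP" || $1 == "REJECT")  { hit = 1 }
        END { print (hit ? "yes" : "no") }'
}

# diagnose SCOPE CAN_BLOCK LOCAL REMOTE  (LOCAL/REMOTE: open|refused|timeout)
diagnose() {
    if   [ "$4" = open ];     then echo ok
    elif [ "$1" = none ];     then echo daemon-not-listening
    elif [ "$1" = loopback ]; then echo bound-to-loopback-only
    elif [ "$3" != open ];    then echo local-connect-fails
    elif [ "$2" = yes ];      then echo host-firewall      # host rules can drop it
    elif [ "$4" = timeout ];  then echo upstream-filter    # silent drop off-host
    else                           echo refused-upstream
    fi
}

# Constructed sample input mirroring the thread (numeric form).
SAMPLE_NETSTAT='tcp   0  0 0.0.0.0:50505  0.0.0.0:*  LISTEN
tcp   0  0 0.0.0.0:22     0.0.0.0:*  LISTEN
tcp6  0  0 :::50505       :::*       LISTEN'
SAMPLE_IPTABLES='Chain INPUT (policy ACCEPT)
target  prot opt source     destination
ACCEPT  tcp  --  0.0.0.0/0  0.0.0.0/0   state NEW tcp dpt:50505'
s=$(printf '%s\n' "$SAMPLE_NETSTAT" | listen_scope 50505)
b=$(printf '%s\n' "$SAMPLE_IPTABLES" | input_can_block)
diagnose "$s" "$b" open timeout
```

An `upstream-filter` result points at filtering outside the instance, which in this thread turned out to be the AWS networking settings.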
