On Fri Jan24'25 04:54:36PM, Patrick O'Callaghan wrote: > From: Patrick O'Callaghan <pocallag...@gmail.com> > Date: Fri, 24 Jan 2025 16:54:36 +0000 > To: users@lists.fedoraproject.org > Reply-To: Community support for Fedora users <users@lists.fedoraproject.org> > Subject: Re: OT: How to select a new port number for ssh > > On Fri, 2025-01-24 at 11:40 -0500, Lester Petrie wrote: > > I have a NAS I wish to change the ssh port from 22 to something else. > > How do I go about selecting a good port number? > > Look at the standard ports in /etc/services and choose something > different. Depending on access control to the NAS, you might want to > choose something below 1023. > > poc
I have not done this for a while, but I have my port set to a nonstandard number. Btw, I was always given to believe that moving it from 22 was the right thing to do because that was the most obvious port to attack. Anyway, in the past, I had to do this (per some helpful instructions from this mailing list) sort of from long ago when firewalld was introduced in Fedora. I last did this about a year (or two) ago, and it worked then. From my notes: # sudo semanage port -p tcp -a -t ssh_port_t ****** # where ****** is the port number desired ### get into system-config firewall and open the port ****** for tcp (I do not have to do this). # add the port number ****** in /etc/ssh/sshd_config replacing Port 22 (default) # Now, doing the same using firewalld (not sure if the above has to be done, but the latter has to be done): sudo dnf install firewall-config # Start firewall-config. # At the top, notice there is a drop down menu. Pull down and select "Permanent" # Select the Services Tab and then Edit Services. # Find the ssh entry and click +Add # Add the port you want # Click on the "Reload firewalld" under "Options" # You're done # # Note that you will need to change the port number in /etc/sshd_config if not done earlier: sudo systemctl enable sshd.service I am not sure if these help you, but they are what I have always done when I need a machine (for the past 10-15 years) with incoming ssh. HTH, Ranjan -- _______________________________________________ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
