[TriLUG] se linux with sshd on port 443
Jym Williams Zavada
trilugj at jrwz.net
Fri Jun 25 00:42:09 EDT 2010
If you're working remotely via an ssh session, you should verify any config
changes to ssh before you reboot or restart sshd. Otherwise, if your config
contains errors you WILL lock yourself out of your system!!!! You check the
config changes safely by running sshd in "test mode":
sshd -t
If your modified config file contains errors it will list them, and if there
are no errors there will be no output.
Also, if you're concerned at all about losing your ssh session connection
while testing config changes, or prefer to not reboot, you can send a HUP
signal to the PID of the primary sshd daemon process (the one owned by root
and not a privilege separator process and whose PPID is 1) as shown below.
When the sshd daemon receives a HUP it restarts only itself, while leaving
all ssh session processes intact.
ps -ef|awk '{if((NR==1)||(($0~/sshd/)&&($0!~/\[priv\]/)&&($1=="root")&&($3==1))){print$0;}}'
This will print output similar to:
UID PID PPID C STIME TTY TIME CMD
root 1075 1 0 Apr04 ? 00:00:00 /usr/sbin/sshd
Using the PID listed in the output, you can then run:
kill -HUP [PID]
NOTE: for readability, here is the same ps/awk command-line with ample
whitespace and line-continuation characters:
ps -ef | awk '{ \
if ( (NR == 1) || \
( ($0 ~ /sshd/) && \
($0 !~ /\[priv\]/) && \
($1 == "root") && \
($3 == 1) ) \
) { \
print $0; \
} \
}'
On Thu, 24 Jun 2010, Ron Kelley wrote:
> /etc/ssh/sshd.conf
>
> Change the port setting then reboot or restart sshd.
>
> Thanks,
>
> -Ron
> Sent from my iPhone
>
> On Jun 24, 2010, at 21:25, Ralph Blach <chipperb at nc.rr.com> wrote:
>
>> Ok all you experts out there, I want to run se linux but I want sshd on port 443. How do I reconfigure sshd to accomplish this.
>>
>> Thanks
>>
>> Chip
More information about the TriLUG
mailing list