Solved

Problems with OpenSSH on Windows - Cannot change Port number from 22 to 443

Posted on 2006-10-24
Last Modified: 2008-01-09
Hello,

I've installed OpenSSH for Windows on my home machine (XP) in order to get a VNC connection via Secure SSH tunnel to this machine. The client I use is PUTTY.
As long as I can use port 22 everything works fine. But sometimes my client PUTTY is behind a firewall and only ports 80 or 443 are possible to use. Thus I tried to change the port of my OpenSSH Server from 22 to 443. I edited the sshd_config file (not ssh_config!) and changed the port number from 22 to 443. After that I restarted the OpenSSH Server. The result is that I don't get a connection on port 443 but still on port 22!! I assume that OpenSSH doesn't care about the entry in the sshd_config file and is still listening on port 22. Where is the place to change the port for OpenSSH?

Thanx a lot in advance!
Question by:new_user_xyz
5 Comments
 
LVL 1

Expert Comment

by:rllynch
ID: 17796015
It should be changed in sshd_config using the Port option.  You can also add additional ports using ListenAddress in sshd_config.  I believe something like "ListenAddress :443" would do the trick.

If OpenSSH is ignoring the Port line, is it possible when OpenSSH was launched, that the -p command line argument was supplied?  That would override the Port option with whatever port was supplied on the command line.  It won't override ListenAddress though, so adding a ListenAddress line to sshd_config might be the easiest fix.
0
 

Author Comment

by:new_user_xyz
ID: 17796193
thanx for the prompt answer!

I checked it out theoretically (because I've no access to my home machine right now *g* ) but I think you can only specify an IP address with the ListenAddress option, not a port number. But I'll check it out in practice later and let you know what happened.

I tried to launch OpenSSH with the -p command line argument in order to specify port 443:

net start openSSH -p 443

but this is not a known command.
0
 
LVL 1

Accepted Solution

by:
rllynch earned 200 total points
ID: 17796496
I'm pretty sure ListenAddress works with either ports and/or addresses.  Here's the relevant man page passage:

ListenAddress
        Specifies the local addresses sshd should listen on.  The follow-
        ing forms may be used:

              ListenAddress host|IPv4_addr|IPv6_addr
              ListenAddress host|IPv4_addr:port
              ListenAddress [host|IPv6_addr]:port

        If port is not specified, sshd will listen on the address and all
        prior Port options specified.  The default is to listen on all
        local addresses.  Multiple ListenAddress options are permitted.
        Additionally, any Port options must precede this option for non
        port qualified addresses.

I think the host/IP address is optional for both the second and third form, even though it doesn't indicate so on the second form, but if sshd doesn't like "ListenAddress :443", then try "ListenAddress 0.0.0.0:443".  This should bind sshd to port 443 on all of your network interfaces.

As for the command line options, they need to be specified when the OpenSSH service is installed.  They can't be specified when you do a "net start".  For instance, if you installed the OpenSSH service using cygrunsrv, you'd specify the OpenSSH arguments using the cygrunsrv -a argument.  Uninstalling, then reinstalling the OpenSSH service with different arguments might also fix the port number, but would be a little more involved.
0
 

Author Comment

by:new_user_xyz
ID: 17797911
The problem was the following:

I always opened the sshd_config file with the Notepad editor and the newline is not recognized in Notepad. The whole content is displayed in one big line. For that reason I didn't realize that there is a '#' at the beginning of almost every line including the line with the port number. This time I opened the config with WordPad, which displays the content in lines, and I realized at once what the problem is. I deleted the '#' at the beginning of the line and ...... ;-)
Is it ok if I give you 200 points as a thank you for the time you spent on my question?
0
 
LVL 1

Expert Comment

by:rllynch
ID: 17798826
Sure, 200 points is fine.  Good to hear you got things working.
0
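
The root cause in this thread, an edited but still commented-out Port line, can be caught by listing which directives sshd actually reads. The following is an added example, not code from the thread or from OpenSSH: it parses sshd_config text (LF-only line endings included) and derives the listening endpoints using the ListenAddress rules from the man page passage quoted above. The sample configs are constructed, and the function names are hypothetical.

```python
import re

DEFAULT_PORT = 22  # sshd's built-in default when no Port line is active

# Constructed samples: LF-only endings, as in the file Notepad showed on one line.
SAMPLE_BEFORE = "#Port 443\n#Protocol 2,1\n#ListenAddress 0.0.0.0\n"
SAMPLE_AFTER = "Port 443\n#Protocol 2,1\n#ListenAddress 0.0.0.0\n"

def parse_directives(text):
    """Return (active, commented) lists of (keyword, argument) pairs."""
    active, commented = [], []
    for raw in text.splitlines():            # accepts LF, CRLF and CR endings
        line = raw.strip()
        if not line:
            continue
        target = active
        if line.startswith("#"):              # commented out: sshd ignores it
            line, target = line.lstrip("#").strip(), commented
        m = re.match(r"(\w+)(?:\s*=\s*|\s+)(\S+)\s*$", line)
        if m and m.group(1).lower() in ("port", "listenaddress"):
            target.append((m.group(1).lower(), m.group(2)))
    return active, commented

def split_listen(arg):
    """Split a ListenAddress argument into (host, port or None)."""
    if arg.startswith("["):                   # [host|IPv6_addr]:port
        host, _, rest = arg[1:].partition("]")
        return host, int(rest[1:]) if rest.startswith(":") else None
    if arg.count(":") == 1:                   # host|IPv4_addr:port
        host, port = arg.split(":")
        return host, int(port)
    return arg, None                          # bare host, IPv4 or IPv6 address

def effective_listeners(text):
    """Endpoints sshd would bind for this config; '*' means all local addresses."""
    active, _ = parse_directives(text)
    ports, listeners, saw_listen = [], [], False
    for key, arg in active:
        if key == "port":
            ports.append(int(arg))
            continue
        saw_listen = True
        host, port = split_listen(arg)
        if port is not None:
            listeners.append((host, port))
        else:                                 # uses the Port lines seen so far
            listeners += [(host, p) for p in (ports or [DEFAULT_PORT])]
    if not saw_listen:
        listeners = [("*", p) for p in (ports or [DEFAULT_PORT])]
    return listeners
```

For `SAMPLE_BEFORE` the result is still port 22 on all addresses, while `parse_directives` reports the edited `Port 443` among the commented lines, which is exactly the mismatch the asker hit.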
