Solved

Problems with OpenSSH on Windows - Cannot change Port number from 22 to 443

Posted on 2006-10-24
Last Modified: 2008-01-09
Hello,

I've installed OpenSSH for Windows on my home machine (XP) in order to get a VNC connection via a secure SSH tunnel to this machine. The client I use is PuTTY.
As long as I can use port 22 everything works fine. But sometimes my PuTTY client is behind a firewall and only ports 80 or 443 can be used. Thus I tried to change the port of my OpenSSH server from 22 to 443. I edited the sshd_config file (not ssh_config!) and changed the port number from 22 to 443. After that I restarted the OpenSSH server. The result is that I don't get a connection on port 443 but still on port 22!! I assume that OpenSSH doesn't care about the entry in the sshd_config file and is still listening on port 22. Where is the place to change the port for OpenSSH?

Thanks a lot in advance!
Question by:new_user_xyz
5 Comments
 

Expert Comment

by:rllynch
ID: 17796015
It should be changed in sshd_config using the Port option.  You can also add additional ports using ListenAddress in sshd_config.  I believe something like "ListenAddress :443" would do the trick.

If OpenSSH is ignoring the Port line, is it possible when OpenSSH was launched, that the -p command line argument was supplied?  That would override the Port option with whatever port was supplied on the command line.  It won't override ListenAddress though, so adding a ListenAddress line to sshd_config might be the easiest fix.

Author Comment

by:new_user_xyz
ID: 17796193
Thanks for the prompt answer!

I checked it out theoretically (because I have no access to my home machine right now *g*), but I think you can only specify an IP address with the ListenAddress option, not a port number. But I'll check it out in practice later and let you know what happened.

I tried to launch OpenSSH with the -p command line argument in order to specify port 443:

net start openSSH -p 443

but this is not a known command.

Accepted Solution

by: rllynch (earned 200 total points)
ID: 17796496
I'm pretty sure ListenAddress works with either ports and/or addresses.  Here's the relevant man page passage:

ListenAddress
        Specifies the local addresses sshd should listen on.  The follow-
        ing forms may be used:

              ListenAddress host|IPv4_addr|IPv6_addr
              ListenAddress host|IPv4_addr:port
              ListenAddress [host|IPv6_addr]:port

        If port is not specified, sshd will listen on the address and all
        prior Port options specified.  The default is to listen on all
        local addresses.  Multiple ListenAddress options are permitted.
        Additionally, any Port options must precede this option for non
        port qualified addresses.

I think the host/IP address is optional for both the second and third form, even though it doesn't indicate so on the second form, but if sshd doesn't like "ListenAddress :443", then try "ListenAddress 0.0.0.0:443".  This should bind sshd to port 443 on all of your network interfaces.

As for the command line options, they need to be specified when the OpenSSH service was installed.  They can't be specified when you do a "net start".  For instance, if you installed the OpenSSH service using cygrunsrv, you'd specify the OpenSSH arguments using the cygrunsrv -a argument.  Uninstalling, then reinstalling the OpenSSH service with different arguments might also fix the port number, but would be a little more involved.

Author Comment

by:new_user_xyz
ID: 17797911
The problem was the following:

I always opened the sshd_config file with the Notepad editor, and the newline is not recognized in Notepad. The whole content is displayed in one big line. For that reason I didn't realize that there is a '#' at the beginning of almost every line, including the line with the port number. This time I opened the config with WordPad, which displays the content in lines, and I realized at once what the problem is. I deleted the '#' at the beginning of the line and ...... ;-)
Is it OK if I give you 200 points as a thank you for the time you spent on my question?

Expert Comment

by:rllynch
ID: 17798826
Sure, 200 points is fine.  Good to hear you got things working.
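
Added example (not code from this thread or from the OpenSSH project): a Python check that reads sshd_config text, skips '#' lines the way sshd does, and resolves Port and ListenAddress into the endpoints sshd would bind, following the man page passage quoted in the accepted solution. It also flags the two traps from the last author comment: a commented-out directive and LF-only line endings. The function names and both sample configs are constructed for illustration.

```python
import re

DEFAULT_PORT = 22  # used by sshd when no Port line is active

def parse_listen(value):
    """Split a ListenAddress argument into (host, port or None)."""
    m = re.fullmatch(r"\[([^\]]+)\](?::(\d+))?", value)  # [host|IPv6_addr]:port
    if m:
        return m.group(1), int(m.group(2)) if m.group(2) else None
    if value.count(":") == 1:                             # host|IPv4_addr:port
        host, port = value.split(":")
        return host, int(port)
    return value, None                                    # no port given

def effective_listeners(text):
    """Return (listeners, warnings) for the text of an sshd_config file."""
    ports, listeners, warnings = [], [], []
    if "\n" in text and "\r\n" not in text:
        warnings.append("LF-only line endings: Notepad may show one long line")
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        m = re.match(r"#\s*(Port|ListenAddress)\s+\S", line, re.I)
        if m:
            warnings.append(f"line {n}: {m.group(1)} is commented out, no effect")
        fields = line.split()
        if line.startswith("#") or len(fields) < 2:
            continue
        key, value = fields[0].lower(), fields[1]
        if key == "port":
            ports.append(int(value))
        elif key == "listenaddress":
            host, port = parse_listen(value)
            # Without a port, the address uses every Port line seen so far.
            for p in ([port] if port else ports or [DEFAULT_PORT]):
                listeners.append((host, p))
    if not listeners:  # no active ListenAddress: all local addresses
        listeners = [("*", p) for p in ports or [DEFAULT_PORT]]
    return listeners, warnings

# Constructed samples: the edited-but-still-commented file, then the fix.
BROKEN = "#Port 443\n#Protocol 2,1\n#ListenAddress 0.0.0.0\n"
FIXED = "Port 443\r\n#Protocol 2,1\r\n#ListenAddress 0.0.0.0\r\n"

if __name__ == "__main__":
    for name, cfg in (("broken", BROKEN), ("fixed", FIXED)):
        listeners, warnings = effective_listeners(cfg)
        print(name, listeners)
        for w in warnings:
            print("  warning:", w)
```

The "broken" sample still resolves to port 22 because the edited Port line never became active, which matches the behaviour described in the question.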