• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 844
  • Last Modified:

How to find ssh port on Linux box

Very quick question  I had last night when using nmap.  Lets say  SSH is confgigured to listen on  another port than 22, is  it possible to detect what port ssh is listening to?
0
maxalarie
Asked:
maxalarie
  • 8
  • 4
  • 3
1 Solution
 
omarfaridCommented:
you can use netstat to find out
0
 
maxalarieAuthor Commented:
Nerstat will tell me what ports are used, but how will I know which one is SSH?
0
 
omarfaridCommented:
I do not have a system to test the command, but is the output of

netstat -na | grep -i list
0
Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

 
maxalarieAuthor Commented:
Thanks, but that does not really help me..  Netstat tells  you which port are open on the remote machine , which is good. But it does not tell you what port is used for ssh, when ssh is configured on a non STD port.  Maybe what i'm asking is impossible. It would be a breach of security.
0
 
omarfaridCommented:
is your question for ssh port on the local system or on the remote system?
0
 
medveddCommented:
On local system, find your sshd process number and use lsof:

lsof -p xxxx | grep LISTEN

where xxxx - process number of sshd.

If you are trying to find ssh port on remote system, use nmap:

nmap -sV <hostname/ip>
0
 
maxalarieAuthor Commented:
Ok,
Here is what  I want to do.

I have a domain  on the Internet,    SSH is configured to listen  on a non standard port. I just want to make sure that this port is not listed  when a port scanner tool is used.  The ipadress of my domain is: 75.98.164.221

the ssh port is not displayed when I use nmap. Only the default one is listed as closed.  What i find strange is that some other port  is listed as unknown: 55555.  My ssh port is way below that port number and is not getting listed by nmap.. I just wondering why
0
 
medveddCommented:
If port is open to the world, it should be listed by nmap.
Does ssh is working on this port? I mean, can you ssh from outside to this
computer/port?
0
 
maxalarieAuthor Commented:
Absolutely, i can ssh to it.  But the post is not listed by nmap.
0
 
medveddCommented:
It's very strange. If you are ssh'ing from the same computer, nmap should list something like this:

2424/tcp open  ssh     OpenSSH 4.3 (protocol 2.0)

Do you have any firewalls between nmap and target host?
0
 
maxalarieAuthor Commented:
I can  install nmap on the server since its  a remote cpanel hosting. But at the moment, and I am a little bit ashamed to admii it.. There is a firewall between the 2 machines..  

I will test with another server and get back..  

I cant believe I didnt think of that..
0
 
maxalarieAuthor Commented:
The nmap return this:

Starting Nmap 5.00 ( http://nmap.org ) at 2011-03-01 19:17 UTC
Interesting ports on 75.98.164.221.static.a2webhosting.com (75.98.164.221):
Not shown: 984 filtered ports
PORT      STATE  SERVICE   VERSION
21/tcp    open   ftp       PureFTPd
22/tcp    closed ssh
25/tcp    open   smtp      Exim smtpd 4.69
53/tcp    open   domain
80/tcp    open   http      Apache httpd
110/tcp   open   pop3
125/tcp   closed locus-map
143/tcp   open   imap      Dovecot imapd
161/tcp   closed snmp
443/tcp   open   http      Apache httpd
465/tcp   open   smtps?
993/tcp   open   ssl/imap  Dovecot imapd
995/tcp   open   ssl/pop3
2041/tcp  closed interbase
2525/tcp  open   smtp      Exim smtpd 4.69


my ssh port is configured on port 7822 and its not listed here.
0
 
medveddCommented:
nmap  -PN -sV -p 7000-8000 75.98.164.221

PORT     STATE SERVICE VERSION
7822/tcp open  ssh     OpenSSH 5.5 (protocol 2.0)

By default, Nmap scans the most common 1,000 ports for each protocol,
so your port was not in the scan.
0
 
maxalarieAuthor Commented:
ok.

thank you very much.
0
 
maxalarieAuthor Commented:
Thank you
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 8
  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now