Solved

Setting up ssh telnet ftp port on two AIX servers at home in one internet network

Posted on 2011-03-02
9
1,184 Views
Last Modified: 2013-11-17
Hello I have two AIX servers set up to the same internet at my home.
However, to be able to access those servers remotely i have to create a firewall entry of telnet port and ssh port in my router settings.

The issue that i am having is that i am only able to allocate ssh port to one of the servers, whereas i want to allocate ssh to both of the servers so both servers can be connected remotely via ssh.
Is that possible?

The router + modem device that is being used at my home is, Manufactured by 2wire and the model is 3801HGV

 
lan1.gif
lan002.gif
0
Comment
Question by:assistunix
  • 3
  • 2
  • 2
  • +2
9 Comments
 
LVL 1

Expert Comment

by:dbradley626
ID: 35020689
Try checking to see if you enable ssh and telnet on multiply interfaces or on just one
0
 

Author Comment

by:assistunix
ID: 35020779
Hello
What do you mean by "Try checking to see if you enable ssh and telnet on multiply interfaces or on just one"

The issue that i am facing right now is that in my router settings, it does not allow me to allocate ssh or tellnet or any other port to more than one server at a time.
Is there a way around it, can i allocate ssh or telnet or any other port to more than one server at a time?
0
 
LVL 7

Assisted Solution

by:jackiechen858
jackiechen858 earned 50 total points
ID: 35024476
you need to NAT a public port into your internal network.

seems your router is a dumb one, not very flexible. so it only map external 22 port (ssh port) to one internal ip's 22 port.  A good router can map a external 1022 port to another internal ip's 22 port, then you can access your second AIX from outside by " ssh your_public_ip port 1022".


What you can do is reconfigure one of your AIX to listening on a different port, say 1022; you can do this by modifying /etc/ssh/sshd.conf

then add a user-defined application as tcp 1022. then you can map your second AIX server.

you can access it from outside by  ssh your_public_ip port 1022.



 
0
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 250 total points
ID: 35025003
No need to reconfigure AIX.

Create a new application as suggested above, but in the "Map to Host Port" area specify port 22.

You could also use your first server as a "jump station" to reach the other server(s):

ssh -t user@server1 "ssh -t user@server2"

wmp



0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 6

Assisted Solution

by:Tomunique
Tomunique earned 200 total points
ID: 35027598
Is there any reason you need them both on port 22?

ssh {yourhomeIP}   will connect to host 1

ssh -oPort=1022 {yourhomeIP} will connect to host 2

Modify the port SSH listens on host 2, you can either move it to port 1022 (or whatever you choose)
  OR -- you can run it off both 22 and 1022  (so if host1 wants to connect to host 2, you don't have to specify the -oPort= option all the time.


TO move the port ssh listens on  part of it depends on how you start it:
if you runt it as a daemon:
Modify /etc/ssh/sshd_config
#Port 22                -- Uncomment this line, and change it to 1022 (or some other free port)
Port 1022
#Protocol 2,1
Protocol 2
#ListenAddress 0.0.0.0
#ListenAddress ::

if you are spawning sshd off via inetd
Modify /etc/inetd.conf:
$ grep ssh /etc/inetd.conf
ssh     stream  tcp     nowait  root    /usr/sbin/sshd         sshd -i

And modify /etc/services
$ grep ssh /etc/services
ssh                             1022/tcp          # SSH Remote Login Protocol
ssh                             1022/udp          # SSH Remote Login Protocol

Remember to recycle your services or reboot.  (this works for inetd, dont know about sshd)
kill -1   $(ps -ef|grep -v grep |grep inetd|awk '{print $2}')

Look to see where you're services are at now:
netstat -an|grep LISTEN
0
 
LVL 6

Expert Comment

by:Tomunique
ID: 35027724
I didn't clarify how to run it on both ports (22 and 1022)
from "man sshd_config"
 Port Specifies the port number that sshd(8) listens on.  The
               default is 22.  Multiple options of this type are
               permitted.  See also ListenAddress.

So you could specify two lines
Port 22
Port 1022

Tom
0
 

Author Comment

by:assistunix
ID: 35062268
Hello
I don't need to use port 22 for both servers, i just wanted to be able to connect to both servers from outside the network with ssh, and that would be resolved with the "jumpstation" suggestion given by wmp, as that is all i was looking to do.

However i am keen to learn about other way whichjackiechen858 and Tomunique are suggesting that to define a new port in my ssh config file for it to run on. But putty does not have option of using 1022 or any other user defined port as ssh , does it?
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 35062301
Sure it does!
The "Session" setup let's you select "ssh" and just below this you can select the target port.

wmp
0
 
LVL 68

Assisted Solution

by:woolmilkporc
woolmilkporc earned 250 total points
ID: 35062400
Sorry, not below, above (on the right).

In the "PuTTY Configuration" window clixk "Session" on the left. On the right select the "SSH" radio button, then enter the desired portnumber just above (a bit on the right, that is).

And commandline ssh has the "-p port" option:

ssh -p 1022 user@host ...

You can also specify the target port in ssh_config on a per-host basis.

wmp
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Attention: This article will no longer be maintained. If you have any questions, please feel free to mail me. jgh@FreeBSD.org Please see http://www.freebsd.org/doc/en_US.ISO8859-1/articles/freebsd-update-server/ for the updated article. It is avail…
In tuning file systems on the Solaris Operating System, changing some parameters of a file system usually destroys the data on it. For instance, changing the cache segment block size in the volume of a T3 requires that you delete the existing volu…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now