Solved

Setting up ssh telnet ftp port on two AIX servers at home in one internet network

Posted on 2011-03-02
Last Modified: 2013-11-17
Hello, I have two AIX servers set up to the same internet at my home.
However, to be able to access those servers remotely I have to create a firewall entry for the telnet port and ssh port in my router settings.

The issue that I am having is that I am only able to allocate the ssh port to one of the servers, whereas I want to allocate ssh to both of the servers so both servers can be connected to remotely via ssh.
Is that possible?

The router + modem device that is being used at my home is manufactured by 2wire and the model is 3801HGV.

 
Question by:assistunix
9 Comments
 
LVL 1

Expert Comment

by:dbradley626
ID: 35020689
Try checking to see if you enable ssh and telnet on multiple interfaces or on just one.
0
 

Author Comment

by:assistunix
ID: 35020779
Hello,
What do you mean by "Try checking to see if you enable ssh and telnet on multiple interfaces or on just one"?

The issue that I am facing right now is that in my router settings, it does not allow me to allocate ssh or telnet or any other port to more than one server at a time.
Is there a way around it? Can I allocate ssh or telnet or any other port to more than one server at a time?
0
 
LVL 7

Assisted Solution

by:jackiechen858
jackiechen858 earned 50 total points
ID: 35024476
You need to NAT a public port into your internal network.

It seems your router is a dumb one, not very flexible, so it only maps the external port 22 (ssh port) to one internal IP's port 22. A good router can map an external port 1022 to another internal IP's port 22; then you can access your second AIX from outside by "ssh your_public_ip port 1022".


What you can do is reconfigure one of your AIX servers to listen on a different port, say 1022; you can do this by modifying /etc/ssh/sshd.conf

Then add a user-defined application as tcp 1022. Then you can map your second AIX server.

You can access it from outside by ssh your_public_ip port 1022.



 
0
 
LVL 68

Accepted Solution

by:woolmilkporc
woolmilkporc earned 250 total points
ID: 35025003
No need to reconfigure AIX.

Create a new application as suggested above, but in the "Map to Host Port" area specify port 22.

You could also use your first server as a "jump station" to reach the other server(s):

ssh -t user@server1 "ssh -t user@server2"

wmp



0
 
LVL 6

Assisted Solution

by:Tomunique
Tomunique earned 200 total points
ID: 35027598
Is there any reason you need them both on port 22?

ssh {yourhomeIP}   will connect to host 1

ssh -oPort=1022 {yourhomeIP} will connect to host 2

Modify the port SSH listens on on host 2; you can either move it to port 1022 (or whatever you choose)
  OR -- you can run it off both 22 and 1022 (so if host1 wants to connect to host 2, you don't have to specify the -oPort= option all the time).


To move the port ssh listens on, part of it depends on how you start it:
If you run it as a daemon:
Modify /etc/ssh/sshd_config
#Port 22                -- Uncomment this line, and change it to 1022 (or some other free port)
Port 1022
#Protocol 2,1
Protocol 2
#ListenAddress 0.0.0.0
#ListenAddress ::

If you are spawning sshd off via inetd:
Modify /etc/inetd.conf:
$ grep ssh /etc/inetd.conf
ssh     stream  tcp     nowait  root    /usr/sbin/sshd         sshd -i

And modify /etc/services
$ grep ssh /etc/services
ssh                             1022/tcp          # SSH Remote Login Protocol
ssh                             1022/udp          # SSH Remote Login Protocol

Remember to recycle your services or reboot. (This works for inetd; don't know about sshd.)
kill -1   $(ps -ef|grep -v grep |grep inetd|awk '{print $2}')

Look to see where your services are at now:
netstat -an|grep LISTEN
0
 
LVL 6

Expert Comment

by:Tomunique
ID: 35027724
I didn't clarify how to run it on both ports (22 and 1022).
From "man sshd_config":
 Port Specifies the port number that sshd(8) listens on.  The
               default is 22.  Multiple options of this type are
               permitted.  See also ListenAddress.

So you could specify two lines
Port 22
Port 1022

Tom
0
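A check to run after the Port edits described in the two posts above, as an added example that is not code from the thread: it compares the Port lines in sshd_config with what netstat -an reports as listening. The function names and the sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Sample data at the bottom is constructed.

# Ports named by Port directives in an sshd_config file, one per line.
# sshd falls back to 22 when the file has no Port line.
configured_ports() {
    awk '
        { sub(/#.*/, ""); sub(/=/, " ") }   # drop comments; accept "Port=1022"
        tolower($1) == "port" && $2 ~ /^[0-9]+$/ { print $2; n++ }
        END { if (!n) print 22 }
    ' "$1" | sort -n -u
}

# TCP ports in LISTEN state, read from `netstat -an` output on stdin.
# Accepts the AIX/BSD "*.22" and the Linux "0.0.0.0:22" address forms.
listening_ports() {
    awk '$NF == "LISTEN" && $1 ~ /^tcp/ {
        port = $4
        sub(/^.*[.:]/, "", port)            # keep what follows the last . or :
        if (port ~ /^[0-9]+$/) print port
    }' | sort -n -u
}

# Print configured ports that are not listening; succeed only if none.
# $1 = sshd_config path, $2 = file holding saved `netstat -an` output.
missing_ports() {
    live=$(listening_ports < "$2")
    missing=""
    for p in $(configured_ports "$1"); do
        echo "$live" | grep -qx "$p" || missing="$missing $p"
    done
    echo "${missing# }"
    [ -z "$missing" ]
}

# Constructed sample: the two-port config from the thread, and AIX-style
# netstat output captured before sshd was restarted (only 22 is up).
tmp=$(mktemp -d)
printf '%s\n' '#Port 22' 'Port 22' 'Port 1022' 'Protocol 2' > "$tmp/sshd_config"
printf '%s\n' 'tcp4  0  0  *.22  *.*  LISTEN' \
              'tcp4  0  0  *.23  *.*  LISTEN' > "$tmp/netstat.txt"
echo "configured but not listening: $(missing_ports "$tmp/sshd_config" "$tmp/netstat.txt")"
rm -rf "$tmp"
```

Run the check from the session that is already open, before logging out, so that a mistyped Port line does not leave the server unreachable over ssh.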
 

Author Comment

by:assistunix
ID: 35062268
Hello,
I don't need to use port 22 for both servers; I just wanted to be able to connect to both servers from outside the network with ssh, and that would be resolved with the "jumpstation" suggestion given by wmp, as that is all I was looking to do.

However, I am keen to learn about the other way which jackiechen858 and Tomunique are suggesting, which is to define a new port in my ssh config file for it to run on. But PuTTY does not have an option of using 1022 or any other user-defined port for ssh, does it?
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 35062301
Sure it does!
The "Session" setup lets you select "ssh" and just below this you can select the target port.

wmp
0
 
LVL 68

Assisted Solution

by:woolmilkporc
woolmilkporc earned 250 total points
ID: 35062400
Sorry, not below, above (on the right).

In the "PuTTY Configuration" window click "Session" on the left. On the right select the "SSH" radio button, then enter the desired port number just above (a bit on the right, that is).

And commandline ssh has the "-p port" option:

ssh -p 1022 user@host ...

You can also specify the target port in ssh_config on a per-host basis.

wmp
0
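The per-host ssh_config setup mentioned in the answer above, together with the earlier jump-station approach, as an added example that is not from the thread. The host aliases aix1, aix2 and aix2-via-aix1 are made up, and your_public_ip, server2 and user are the placeholders already used in the answers.

```sshconfig
# ~/.ssh/config on the remote client (added example; all names are placeholders)

# Server 1: the router forwards public port 22 to it.
Host aix1
    HostName your_public_ip
    Port 22
    User user
    # Both servers share one public address; the alias keeps each server's
    # host key under its own name in known_hosts.
    HostKeyAlias aix1

# Server 2, option A: the router forwards public port 1022 to it.
Host aix2
    HostName your_public_ip
    Port 1022
    User user
    HostKeyAlias aix2

# Server 2, option B: no second forward on the router; hop through server 1.
# "server2" is resolved on server 1, so an internal name or address works.
# ssh -W needs OpenSSH 5.4 or later on the client.
Host aix2-via-aix1
    HostName server2
    User user
    ProxyCommand ssh -W %h:%p aix1
```

With this in place, "ssh aix2" replaces "ssh -p 1022 user@your_public_ip", and "ssh aix2-via-aix1" replaces the nested "ssh -t" command.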
