I changed the sshd_config port and cannot login using putty anymore. What should I do?

Hi all,

I have an Ubuntu 14.04 x64 distribution and I was following a tutorial I found on the net to harden it:
http://www.thefanclub.co.za/how-to/how-secure-ubuntu-1204-lts-server-part-1-basics

I changed the port to 1022.

Before this I could normally log in using my SSH private key through putty on port 22.
Now when I try to open the putty connection I get Network error: Connection refused

In putty I even changed the port to 1022 and retried but I get a different error this time:
Network error: Connection timed out

What am I doing wrong?

thanks in advance
badwolfff Asked:

Jan Springer Commented:
You forgot to update the firewall to allow tcp port 1022.
0
TobiasHolm Commented:
Are you trying to access your server from a Windows machine using PuTTY? Have you tried to turn off the firewall on the Windows machine in case the Windows firewall is blocking outgoing TCP traffic to port 1022?
0
badwolfff (Author) Commented:
I turned off my firewall, I added port 1022 incoming and outgoing on my router (screenshots of both attached).
[Screenshots: Windows 7 x64 firewall setting; Router settings 1; Router settings 2; Router settings 3]
On Putty I changed the port from 22 to 1022 before trying to connect. It doesn't work.
[Screenshot: Putty settings]
After deactivating the firewall and opening the router this test came out as negative all the same:
[Screenshot: Portcheck]
I have access to the server in another way so I also tried the following on my server:

lupocatttivo@octane:~$ nmap octane

Starting Nmap 6.40 ( http://nmap.org ) at 2014-08-09 15:52 BST
Nmap scan report for octane (176.58.105.78)
Host is up (0.00070s latency).
rDNS record for my_IP: host_name
Not shown: 998 closed ports
PORT     STATE SERVICE
80/tcp   open  http
1022/tcp open  exp2

Nmap done: 1 IP address (1 host up) scanned in 0.07 seconds

Output of
sudo netstat -punta

tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      -     
tcp6       0      0 :::80                   :::*                    LISTEN      -     
tcp6       0      0 :::1022                 :::*                    LISTEN      -     
udp        0      0 0.0.0.0:28684           0.0.0.0:*                           -     
udp        0      0 0.0.0.0:68              0.0.0.0:*                           -     
udp        0      0 [MY_IPV4]:123       0.0.0.0:*                           -     
udp        0      0 127.0.0.1:123           0.0.0.0:*                           -     
udp        0      0 0.0.0.0:123             0.0.0.0:*                           -     
udp6       0      0 :::32882                :::*                                -     
udp6       0      0 [MY_IPV6]:123 :::*                                -     
udp6       0      0 fe80::f03c:91ff:fe7:123 :::*                                -     
udp6       0      0 ::1:123                 :::*                                -     
udp6       0      0 :::123                  :::*                                -     

lupocatttivo@octane:~$ netstat -na |grep \:1022
tcp        0      0 0.0.0.0:1022            0.0.0.0:*               LISTEN
tcp6       0      0 :::1022                 :::*                    LISTEN

Then I tried this command:
lupocatttivo@octane:~$ ufw allow 1022:1022/tcp
ERROR: Bad port

What am I doing wrong where? Any advice will be appreciated.

thanks in advance
0
Kent W (Sr. Network / Systems Admin) Commented:
The firewall (iptables) on your server running sshd most likely has port 1022 blocked. Unblocking on your router and Windows box aren't the whole job. In the future when you change sshd ports, leave your original connection open on 22. Restarting sshd will not kick you off that session. Then you can test your new port and easily revert or fix issues much more easily.
I did not see anything above of you addressing the server's firewall.
0
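Added example (not part of any post in this thread): the two PuTTY errors in the question correspond to different network states, and a small TCP probe run from the client tells them apart. The function names `classify`, `probe` and `diagnose` and the default target `127.0.0.1` are illustrative assumptions.

```python
import errno
import socket

# What each outcome says about the path between the client and sshd.
HINTS = {
    "open": "TCP handshake completed: something is listening and reachable",
    "refused": "reset received: no listener on this port, or a REJECT rule",
    "filtered": "no reply before the timeout: packets are being dropped, "
                "typically by a firewall in front of the service",
    "unreachable": "no route to the host or network",
    "error": "other failure (for example, name resolution)",
}


def classify(exc):
    """Map the exception from a connect attempt (None on success) to a state."""
    if exc is None:
        return "open"
    if isinstance(exc, ConnectionRefusedError):
        return "refused"          # PuTTY: "Connection refused"
    if isinstance(exc, (socket.timeout, TimeoutError)):
        return "filtered"         # PuTTY: "Connection timed out"
    if isinstance(exc, OSError) and exc.errno in (errno.EHOSTUNREACH,
                                                  errno.ENETUNREACH):
        return "unreachable"
    return "error"


def probe(host, port, timeout=3.0):
    """Attempt one TCP connection and return the classified state."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return classify(None)
    except OSError as exc:
        return classify(exc)


def diagnose(host, ports, timeout=3.0):
    """Probe several ports, e.g. the old and the new sshd port."""
    return {port: probe(host, port, timeout) for port in ports}


if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"  # assumed default
    for port, state in diagnose(target, [22, 1022]).items():
        print(f"{target}:{port} -> {state}: {HINTS[state]}")
```

Run from the client machine, `refused` on 22 together with `filtered` on 1022 matches the two PuTTY errors reported in the question.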
badwolfff (Author) Commented:
Thank you mugojava
But what is the solution? I haven't solved the problem yet. What should I do to unblock the port on the server?

thanks
0
Kent W (Sr. Network / Systems Admin) Commented:
If you want to accept all on that port, then
iptables -A INPUT -p tcp --dport 1022 -j ACCEPT

If you want to lock it down to just your connecting-from IP or IP range -

iptables -A INPUT -p tcp --dport 1022 -s 192.168.1.1/24 -j ACCEPT
(Substitute your ip/32, or your iprange/bit.)

To save,
sudo iptables-save > firewall.rules

And I'm assuming Ubuntu 14.x hasn't changed this.

sudo iptables -L -n
will dump the rules list to your standard out so you can inspect and make sure the rule is there.
0
badwolfff (Author) Commented:
It doesn't work. Same problem as before.

By the way, what is the opposite of this: iptables -A INPUT -p tcp --dport 1022 -j ACCEPT
How do I remove this port?
0
Jan Springer Commented:
iptables -D INPUT -p tcp --dport 1022 -j ACCEPT

removes it.

what is the output of

iptables --list -n --line-numbers
0
Kent W (Sr. Network / Systems Admin) Commented:
You should have ACCEPT at the end. I pasted in a line to make sure it was correct, and put DROP on the end.
I edited, but make sure you are doing the line with ACCEPT.

To negate the above line, just change -A to -D
iptables -D INPUT -p tcp --dport 1022 -j ACCEPT

You can test to see if your firewall is actually blocking by temporarily disabling.

sudo ufw disable
if you have ufw, or just turn off the iptables service, just long enough to test and see if that's the issue.
Also make sure nothing else is listening on port 1022

netstat -na
0
badwolfff (Author) Commented:
Doesn't work. I am abandoning the question. I have lost half a day trying this and nothing works.

I did try netstat -na and nothing is listening on port 1022

I don't know what the problem is but I tried the whole thing over and over again even with ports 2222 and 2013, but no good. Also I found no convincing solutions on google either.
0
TobiasHolm Commented:
If netstat doesn't list port 1022, the ssh service is probably not running using port 1022 on the server.
0
Kent W (Sr. Network / Systems Admin) Commented:
You did restart the sshd service after changing ports, right?
Also check SELinux. You can disable temporarily with
setenforce 0

Turn back on with
setenforce 1
0
badwolfff (Author) Commented:
I did restart SSH service. I even rebooted with no results.
Unfortunately it is too late. I need this box up and running for tomorrow morning.
I have already started a rebuild :(

I am happy to give you points for your effort but the problem remains unsolved.
0