Solved

I changed the sshd_config port and cannot login using putty anymore. What should I do?

Posted on 2014-08-09
Last Modified: 2014-08-09
Hi all,

I have an Ubuntu 14.04 x64 distribution and I was following a tutorial I found on the net to harden it:
http://www.thefanclub.co.za/how-to/how-secure-ubuntu-1204-lts-server-part-1-basics

I changed the port to 1022.

Before this I could log in normally using my SSH private key through PuTTY on port 22.
Now when I try to open the PuTTY connection I get "Network error: Connection refused".

In PuTTY I even changed the port to 1022 and retried, but I get a different error this time:
"Network error: Connection timed out"

What am I doing wrong?

thanks in advance
Question by:badwolfff
13 Comments
 
LVL 29

Assisted Solution

by:Jan Springer
Jan Springer earned 668 total points
ID: 40250643
You forgot to update the firewall to allow tcp port 1022.
0
 
LVL 18

Expert Comment

by:TobiasHolm
ID: 40250644
Are you trying to access your server from a Windows machine using PuTTY? Have you tried turning off the firewall on the Windows machine, in case the Windows firewall is blocking outgoing TCP traffic to port 1022?
0
 

Author Comment

by:badwolfff
ID: 40250761
I turned off my firewall, I added port 1022 incoming and outgoing on my router (screenshots of both attached).
[Screenshots attached: Windows 7 x64 firewall setting; Router settings 1; Router settings 2; Router settings 3]
In PuTTY I changed the port from 22 to 1022 before trying to connect. It doesn't work.
[Screenshot attached: PuTTY settings]
After deactivating the firewall and opening the router this test came out as negative all the same:
[Screenshot attached: Portcheck]
I have access to the server in another way so I also tried the following on my server:

lupocatttivo@octane:~$ nmap octane

Starting Nmap 6.40 ( http://nmap.org ) at 2014-08-09 15:52 BST
Nmap scan report for octane (176.58.105.78)
Host is up (0.00070s latency).
rDNS record for my_IP: host_name
Not shown: 998 closed ports
PORT     STATE SERVICE
80/tcp   open  http
1022/tcp open  exp2

Nmap done: 1 IP address (1 host up) scanned in 0.07 seconds





Output of
sudo netstat -punta

tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      -     
tcp6       0      0 :::80                   :::*                    LISTEN      -     
tcp6       0      0 :::1022                 :::*                    LISTEN      -     
udp        0      0 0.0.0.0:28684           0.0.0.0:*                           -     
udp        0      0 0.0.0.0:68              0.0.0.0:*                           -     
udp        0      0 [MY_IPV4]:123       0.0.0.0:*                           -     
udp        0      0 127.0.0.1:123           0.0.0.0:*                           -     
udp        0      0 0.0.0.0:123             0.0.0.0:*                           -     
udp6       0      0 :::32882                :::*                                -     
udp6       0      0 [MY_IPV6]:123 :::*                                -     
udp6       0      0 fe80::f03c:91ff:fe7:123 :::*                                -     
udp6       0      0 ::1:123                 :::*                                -     
udp6       0      0 :::123                  :::*                                -     




lupocatttivo@octane:~$ netstat -na |grep \:1022
tcp        0      0 0.0.0.0:1022            0.0.0.0:*               LISTEN
tcp6       0      0 :::1022                 :::*                    LISTEN




Then I tried this command:
lupocatttivo@octane:~$ ufw allow 1022:1022/tcp
ERROR: Bad port



What am I doing wrong where? Any advice will be appreciated.

thanks in advance
0
 
LVL 12

Expert Comment

by:Kent W
ID: 40250808
The firewall (iptables) on your server running sshd most likely has port 1022 blocked. Unblocking on your router and Windows box isn't the whole job. In the future when you change sshd ports, leave your original connection open on 22. Restarting sshd will not kick you off that session. Then you can test your new port and easily revert or fix issues.
I did not see anything above of you addressing the server's firewall.
0
 

Author Comment

by:badwolfff
ID: 40250820
Thank you mugojava
But what is the solution? I haven't solved the problem yet. What should I do to unblock the port on the server?

thanks
0
 
LVL 12

Assisted Solution

by:Kent W
Kent W earned 1332 total points
ID: 40250843
If you want to accept all on that port, then
iptables -A INPUT -p tcp --dport 1022 -j ACCEPT

If you want to lock it down to just your connecting-from IP or IP range:

iptables -A INPUT -s 192.168.1.1/24 -p tcp --dport 1022 -j ACCEPT
(Substitute your ip/32, or your iprange/bits.)

To save,
sudo iptables-save > firewall.rules

And I'm assuming Ubuntu 14.x hasn't changed this.

sudo iptables -L -n
will dump the rules list to your standard out so you can inspect and make sure the rule is there.
0
 

Author Comment

by:badwolfff
ID: 40250862
It doesn't work. Same problem as before.

By the way, what is the opposite of this: iptables -A INPUT -p tcp --dport 1022 -j ACCEPT
How do I remove this port?
0
 
LVL 29

Expert Comment

by:Jan Springer
ID: 40250870
iptables -D INPUT -p tcp --dport 1022 -j ACCEPT

removes it.

what is the output of

iptables --list -n --line-numbers
0
 
LVL 12

Accepted Solution

by:Kent W
Kent W earned 1332 total points
ID: 40250875
You should have ACCEPT at the end.  I pasted in a line to make sure it was correct, and put DROP on the end.
I edited, but make sure you are doing the line with ACCEPT.

to negate the above line, just change -A to -D
iptables -D INPUT -p tcp --dport 1022 -j ACCEPT

You can test to see if your firewall is actually blocking by temporarily disabling it.

 sudo ufw disable
if you have ufw, or just turn off the iptables service, just long enough to test and see if that's the issue.
Also make sure nothing else is listening on port 1022

netstat -na
0
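The two answers above (the iptables rules, then "check that something is listening and disable the firewall to test") can be turned into one repeatable check. The script below is an added example written for this edit; it is not code posted by anyone in the thread. It assumes Ubuntu 14.04 with iptables (ufw is only a front end that writes iptables rules) and the port from the question, 1022. The point the thread circles but never states: `iptables -A` appends, so the new ACCEPT lands below any existing catch-all DROP and is never evaluated, which is exactly the "Connection timed out" symptom (a port the firewall lets through but nothing listens on gives "Connection refused", as port 22 now does). Use `-I` instead, or `ufw allow 1022/tcp` (the `1022:1022/tcp` range form is what ufw rejected as "Bad port"). The rule listings in the script are constructed samples, not output from the asker's server.

```shell
#!/usr/bin/env bash
# Added example for this thread (not code posted by anyone in it). Two checks for
# "I moved sshd to a new port and PuTTY now times out": is anything really listening
# on that port, and does the iptables INPUT chain reach an ACCEPT for it before a
# DROP/REJECT?  Assumes Ubuntu 14.04 with iptables (ufw only writes iptables rules)
# and the port from the question, 1022, unless NEW_PORT is set.
set -u

NEW_PORT="${NEW_PORT:-1022}"

# 1) Listener check: returns 0 when some process has TCP port $1 in LISTEN state.
#    Equivalent to the thread's `netstat -na | grep :1022`; ss ships with iproute2.
listening_on() {
    ss -ltn 2>/dev/null | awk -v p=":$1" '$4 ~ p "$" { found = 1 } END { exit !found }'
}

# 2) Rule-order check. Reads `iptables -S INPUT` on stdin and walks the chain the way
#    the kernel does: top to bottom, first terminal target wins. A rule appended with
#    -A lands *below* an existing catch-all DROP and is never reached, which is the
#    usual reason `iptables -A INPUT -p tcp --dport 1022 -j ACCEPT` "doesn't work".
#    Prints ACCEPT, DROP_FIRST, JUMPS_TO_<chain> (inspect that chain next, e.g. the
#    ufw-* chains) or POLICY_<chain policy>.  Simplification (assumption): rules with
#    -s/-i restrictions other than -i lo are treated as matching your connection.
classify_input_chain() {
    awk -v port="$1" '
        /^-P INPUT / { policy = $3 }
        /^-A INPUT / {
            if ($0 ~ /-p (udp|icmp)/) next                   # not TCP
            if ($0 ~ /-i lo( |$)/) next                       # loopback only
            if ($0 ~ /ESTABLISHED/ && $0 !~ /NEW/) next       # never matches a new SYN
            if (match($0, /--dport [0-9]+/)) {
                dport = substr($0, RSTART + 8, RLENGTH - 8)
                if (dport != port) next                       # some other service
            }
            if ($0 ~ /-j ACCEPT( |$)/)        { print "ACCEPT";     done = 1; exit }
            if ($0 ~ /-j (DROP|REJECT)( |$)/) { print "DROP_FIRST"; done = 1; exit }
            if (match($0, /-j [A-Za-z0-9_-]+/)) {
                target = substr($0, RSTART + 3, RLENGTH - 3)
                if (target != "LOG" && target != "RETURN") { print "JUMPS_TO_" target; done = 1; exit }
            }
        }
        END { if (!done) print "POLICY_" (policy == "" ? "ACCEPT" : policy) }
    '
}

# 3) The fix: insert (-I) at the head of the chain instead of appending (-A), then
#    read the chain back with line numbers. With ufw use a single port; the
#    1022:1022/tcp range form is what ufw rejected as "Bad port".
open_port_iptables() { sudo iptables -I INPUT -p tcp --dport "$1" -j ACCEPT && sudo iptables -L INPUT -n --line-numbers; }
open_port_ufw()      { sudo ufw allow "$1/tcp" && sudo ufw status verbose; }

# Constructed sample of `iptables -S INPUT` after the thread's -A command: the ACCEPT
# for 1022 sits below the catch-all DROP and is dead.
SAMPLE_APPENDED='-P INPUT DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -j DROP
-A INPUT -p tcp -m tcp --dport 1022 -j ACCEPT'

# The same chain after `iptables -I INPUT -p tcp --dport 1022 -j ACCEPT` instead.
SAMPLE_INSERTED='-P INPUT DROP
-A INPUT -p tcp -m tcp --dport 1022 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -j DROP'

classify_sample() { printf '%s\n' "$1" | classify_input_chain "$2"; }   # usage: classify_sample "$SAMPLE_APPENDED" 1022

# Stand-alone demo on the samples; pass --live to also query this host (needs sudo).
echo "appended rule, port $NEW_PORT: $(classify_sample "$SAMPLE_APPENDED" "$NEW_PORT")"   # DROP_FIRST
echo "inserted rule, port $NEW_PORT: $(classify_sample "$SAMPLE_INSERTED" "$NEW_PORT")"   # ACCEPT
if [ "${1:-}" = "--live" ]; then
    if listening_on "$NEW_PORT"; then echo "something listens on $NEW_PORT"
    else echo "nothing listens on $NEW_PORT: check the Port line in sshd_config and restart ssh"; fi
    echo "live INPUT chain for $NEW_PORT: $(sudo iptables -S INPUT | classify_input_chain "$NEW_PORT")"
fi
```

Two more things worth doing before rebuilding a box in this situation. sshd_config accepts several `Port` lines, so listen on 22 and 1022 together and only remove 22 once a fresh PuTTY session on 1022 works. And `iptables-save > firewall.rules` only writes a file; nothing reloads it at boot unless iptables-persistent (or ufw) is managing the rules, so a reboot silently drops a rule that was added by hand. Note also that the nmap output shows the server on a public address, so the home router's port forwarding is not in the path at all; only the Windows machine's outbound side and the server's own firewall are.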
 

Author Comment

by:badwolfff
ID: 40250892
Doesn't work. I am abandoning the question. I have lost half a day trying this and nothing works.

I did try netstat -na and nothing is listening on port 1022

I don't know what the problem is but I tried the whole thing over and over again even with ports 2222 and 2013, but no good. Also I found no convincing solutions on google either.
0
 
LVL 18

Expert Comment

by:TobiasHolm
ID: 40250895
If netstat doesn't list port 1022 the ssh service is probably not running using port 1022 on the server.
0
 
LVL 12

Expert Comment

by:Kent W
ID: 40250896
You did restart the sshd service after changing ports right?
Also check SELinux. You can disable it temporarily with
setenforce 0

Turn back on with
setenforce 1
0
 

Author Comment

by:badwolfff
ID: 40250899
I did restart SSH service. I even rebooted with no results.
Unfortunately it is too late. I need this box up and running for tomorrow morning.
I have already started a rebuild :(

I am happy to give you points for your effort but the problem remains unsolved.
0
