Link to home
Create AccountLog in
Avatar of Adam AL ABDOU
Adam AL ABDOUFlag for France

asked on

Access my server without RDP

Hello; Here is my problem; i changed the rdp port on my windows server from 3389 to 3341;

I cannot access my server anymore; my hosting company propose me to use rescue mode ( SSH) to connect to server.
So i use putty ( SSH) for connection, but how change the rdp port and set it again 3389?

I need to acces my server to be able to reset the rdp port.

Best regards

Avatar of Kyle Abrahams, PMP
Kyle Abrahams, PMP
Flag of United States of America image

from powershell you could do this:
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "PortNumber" -Value 3389

Open in new window



https://docs.microsoft.com/en-us/windows-server/remote/remote-desktop-services/clients/change-listening-port

I checked my terminal server and it doesn't have anything in there - EG: I think if there's no value it'll default to 3389.

So from SSH I would recommend deleting the key by running:
reg delete "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\PortNumber"

Open in new window


worse comes to worse you can add it back with:
reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v PortNumber /t reg_dword /d 3389"

Open in new window

if you ssh into your system what do you get?  a command prompt?

when you changed the port dis you also change the windows firewall to allow that port? Same with the hosting companies firewall?
Avatar of Adam AL ABDOU

ASKER

Hello Kyle Abrahams
Thank tou for your reponse;
the ssh do not recognize the reg command when i try to delete the port
reg delete "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp"

Open in new window

and i got: -bash: reg: command not found.

By the way, i don't have access to powershell so cannot use the command (Set-ItemProperty )
Hello David Johnson, CD 
Thanks for your reponse;

Unfortunately i did not think about firewall when i changed the port and i had to.

I use Putty to ssh in my system; so it a command line window.
More details:
When i contacted my hosting company; they suggested that i use rescue mode: Linux/BSD.

So maybe what i search for is Linux commands.

My Server is: Windows Server 2008
I edited my above comment in case anyone else came across the thread.  Note to refresh your commands if you copied them as RDP-TCP is it's own folder underneath winStations.

Command should have been:  
reg delete "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\PortNumber"

reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-TCP" /v PortNumber /t reg_dword /d 3389"

Open in new window


given that you're using a bash shell you need to connect to the server from there.  Can you ssh to the actual server?
Thanks Kyle Abrahams 

I think your command works in case of ssh over Windows System ( not sure)

My case may be a little different; I have a BSD/Linux launched over network on Windows server.
So I think i need the same command which you sent may for Linux.

I really appreciate any information which can help.

regards. 
How are you connecting to your RDP system?  Through a VPN?  Through a jump server?

When you RDP and use a different port, you can use the hostname or IP address followed by a colon, then the port number.

MYRDP_Server:3341

or

192.168.1.55:3341

If you've changed the port, but didn't update your port forwarding at your firewall, it won't work.  You will need to get to a internal system and connect.
Hi Serialband;

infortunately, i've changed the port without updating port forwarding.

My hosting company ( OVH) launched à BSD/Linux over network on my server. I find this strange to use linux on Windows but i am not expert.

So, when i searched for solution, i found that if i can run Windows command, it will be easy using powershell;

and also Kyle Abrahams mentionned how to use CMD (I think ) to delete and add port number.

The problem that i am not in windows environment.

So I searched for my situation case; i found a linux tool chntpw; but is not clear how to use it; i found some tutorials, but they did not work.
also there is a command available on ssh ( reged ) but the same situation, not clear how to use it.
Hello again;

I succed to have windows rescue system on my server;

I tried to delete the port of rdp for re-adding it again later; the system cannot find the key.
User generated image
ASKER CERTIFIED SOLUTION
Avatar of David Johnson, CD
David Johnson, CD
Flag of Canada image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
It might be easier to see if you can run a port forward in Linux to redirect your port back to 3389 and then connect to Windows to correct it.  You can also just leave it that way and use the ssh port forward as an additional gateway.  You don't want port 3389 open to the internet, since you be experiencing a constant barrage of brute force attempts by script kiddies the moment it's been detected.

ssh -L <localport>:<remotehost>:<remoteport> <yourID>@yourbastionhost

ssh -L <3389>:<windowshost>:<3341> <yourID>@yourbastionhost

I would to Thank you all;

I used VNC connection to login to my server, then i used cmd to copy registry file from C:\Windows\System32\config\RegBack to C:\Windows\System32\config

Reboot and that worked.

Thanks.

Best regards