SSHD reconfig [Mac Systems]

Prev: Cannot install X11 on Tiger
Next: macos 7.5.3 floppy images, not bin files

From: Howard S Shubs on 5 Feb 2006 13:30

I'm trying to change the port sshd listens on. I tried the normal
change in /etc/sshd_config, but it won't take effect, even after a
reboot. Has anyone else managed to do this?

--
We are the music makers, And we are the dreamers of dreams,
Wandering by lone sea-breakers, And sitting by desolate streams.
from "Ode", Arthur O'Shaughnessy

From: Tom Harrington on 5 Feb 2006 14:09

In article
<howard-053226.13295905022006(a)sn-indi.vsrv-sjc.supernews.net>,
Howard S Shubs <howard(a)shubs.net> wrote:

> I'm trying to change the port sshd listens on. I tried the normal
> change in /etc/sshd_config, but it won't take effect, even after a
> reboot. Has anyone else managed to do this?

On Tiger? You'd need to edit the launchd file for ssh, which is at
/System/Library/LaunchDaemons/ssh.plist. The part that tells what port
to use is:

<key>SockServiceName</key>
<string>ssh</string>

....which tells launchd to look in /etc/services to see what port should
be used for ssh. You should be able to replace "ssh" with a number (the
'swat' launchd file does this). I'm not sure what launchd command(s)
you'd need to use to get the change to take effect.

--
Tom "Tom" Harrington
Macaroni, Automated System Maintenance for Mac OS X.
Version 2.0: Delocalize, Repair Permissions, lots more.
See http://www.atomicbird.com/

From: D P Schreber on 5 Feb 2006 14:13

On 2006-02-05, Howard S Shubs <howard(a)shubs.net> wrote:
> I'm trying to change the port sshd listens on. I tried the normal
> change in /etc/sshd_config, but it won't take effect, even after a
> reboot. Has anyone else managed to do this?

See /System/Library/LaunchDaemons/ssh.plist. This includes the
following:

<key>Listeners</key>
[...]
<dict>
<key>SockServiceName</key>
<string>ssh</string>
</dict>

That is, it starts a listener based on the 'ssh' entry in /etc/services.
So either you need to change that entry or you need to change the
ssh.plist launchd item if you want to change the port. No need to
reboot after making the change; just use launchctl to reload it.

But why do you want to do this anyway? If you think it's more secure to
run sshd on some port other than 22, think again.

From: Warren Oates on 5 Feb 2006 14:12

From: G.T. on 5 Feb 2006 14:41

Tom Harrington wrote:
> In article
> <howard-053226.13295905022006(a)sn-indi.vsrv-sjc.supernews.net>,
> Howard S Shubs <howard(a)shubs.net> wrote:
>
>
>>I'm trying to change the port sshd listens on. I tried the normal
>>change in /etc/sshd_config, but it won't take effect, even after a
>>reboot. Has anyone else managed to do this?
>
>
> On Tiger? You'd need to edit the launchd file for ssh, which is at
> /System/Library/LaunchDaemons/ssh.plist. The part that tells what port
> to use is:
>
> <key>SockServiceName</key>
> <string>ssh</string>
>
> ...which tells launchd to look in /etc/services to see what port should
> be used for ssh. You should be able to replace "ssh" with a number (the
> 'swat' launchd file does this). I'm not sure what launchd command(s)
> you'd need to use to get the change to take effect.
>

Why do they have to make something so simple so complex? What could be
more simpler than adding port 1022 to /etc/sshd_config? What if you
want to run it on two ports? Is everything related to sshd
configuration held in the launchdaemons ssh.plist? Or does it pick some
things from the plist and some from sshd_config?

Greg

--
"All my time I spent in heaven
Revelries of dance and wine
Waking to the sound of laughter
Up I'd rise and kiss the sky" - The Mekons

| Next | Last
Pages: 1 2 3 4 5
Prev: Cannot install X11 on Tiger
Next: macos 7.5.3 floppy images, not bin files