I have two CentOS servers running SSH on two different non-standard ports. So far as I can tell, they have identical /etc/ssh/sshd_config files with the exception of the different port (both are 22xx). However, when running nmap on them, one betrays the port that SSH is running on, and the other does not. I have shut down iptables on both machines and the behaviour remains this way. What could be the cause? Specifically, how can I hide the port that SSH is running on?
I'm sorry that I cannot provide the IP addresses, the owner of the servers doesn't want that! I also know how silly it is to do "stealth" ports but I'm not the one making the decision!
Thanks!