[CentOS] Security advice, please

Thu Mar 26 11:56:39 UTC 2009
Anne Wilson <cannewilson at googlemail.com>

On Monday 23 March 2009 18:59:51 Steve Huff wrote:
> On Mar 23, 2009, at 2:37 PM, Anne Wilson wrote:
> > OK - I'm thick.  I've looked at that page and seen only what I'm
> > already
> > familiar with.  Please, in plain English, how do I set ssh to come
> > in on port
> > 22022 (service called ext-ssh already set up for that) to be
> > forwarded to
> > 192.168.0.xx port 22?
>
> Anne,
>
> if the router really isn't making it easy for you to forward from port
> 22022 to port 22, you could also solve this problem by having sshd
> listen on port 22022 on the server.  do this by editing /etc/ssh/
> sshd_config such that the following two lines *both* appear before any
> ListenAddress specification:
>
> Port 22
> Port 22022
>
> if you're running a software firewall on the host, make sure you poke
> a hole so that traffic can pass from the router to port 22022 on the
> server.  then configure the router to forward from external port 22022
> to internal port 22022, and you're done.
>
> -steve
>
Hopefully this is correctly set up now, but I can't test it until I go to 
somewhere with an open wifi.  Thanks. It may be a couple of weeks before I can 
report back, but I'l let you know how I fared.

Anne

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.centos.org/pipermail/centos/attachments/20090326/e4a01fea/attachment-0005.sig>