Running ssh on multiple ports
Disclaimer:
This is purely for information purposes. I, the author, am not responsible for any ‘nefarious’ or ‘illegal activities’ which might be undertaken as a result of the lesson learned in this article, including but not limited to proxy avoidance, firewall circumvention, port forwarding and/or shooting yourself in the foot. Ask your network administrator if you are worried about the ramifications of your actions.
Right, with that out of the way: This short tutorial is useful if you wish to run the ssh daemon on a non-standard port.
Scenario
Imagine you regularly sit behind a firewall which blocks all ports except http:80, https:443 and telnet:23, and you need to connect to a machine on the internet (internetbox.com perhaps). The ssh daemon on internetbox.com runs on port 22, which is blocked from where you are, so you cannot connect to your internet box. So why not have ssh listening on port 23 also?
Edit your sshd configuration file using vi / emacs / nano or whatever else rocks your boat. The procedure varies depending on what *nix system you are running.
On Debian
vi /etc/ssh/sshd_config
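Add a new line which reads as follows. Keep the comment on its own line: sshd versions that do not accept trailing comments abort with a "garbage at end of line" error. If the file has no active Port 22 line (it is often shipped commented out as #Port 22), uncomment or add one as well, because once any Port line is present sshd listens only on the ports listed.
# or whatever port you wish to run the ssh-daemon on
Port 23
Save it and restart ssh using the command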
/etc/init.d/ssh restart
On rpm-based systems (RedHat / Suse / etc.)
vi /etc/rc.d/init.d/sshd
After all the initial comments, add the following line
OPTIONS="$OPTIONS -p 22 -p 23"
and restart ssh by running
/etc/init.d/sshd restart
When you are back behind your firewall, you can connect to your internet box by running
ssh -p 23 username@internetbox.com
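A check for the sshd_config edit above, as an added example that is not part of the original post: it lists the ports a given sshd_config will make sshd listen on, so you can confirm port 22 is still there before restarting the daemon. The function name effective_ports and the sample files are constructed for illustration, and the check assumes ports are set only with Port lines (it does not follow Include files or ListenAddress host:port entries).

```sh
#!/bin/sh
# Added example: report the listening ports implied by an sshd_config file.
# Assumptions: ports come only from "Port" lines; Include files and
# "ListenAddress host:port" entries are not followed.

effective_ports() {
    # $1 = path to an sshd_config-style file
    awk '
        { sub(/#.*/, "") }    # drop full-line and trailing comments
        # keywords are case-insensitive and Port may appear several times
        tolower($1) == "port" && $2 ~ /^[0-9]+$/ { print $2; found = 1 }
        # with no Port line at all, sshd falls back to its default, 22
        END { if (!found) print 22 }
    ' "$1" | sort -nu | tr "\n" " " | sed "s/ $//"
}

demo() {
    tmp=$(mktemp) || return 1

    # Constructed sample 1: stock file with Port commented out, Port 23 added.
    # sshd would now listen on 23 only, and port 22 access is lost.
    printf '%s\n' '#Port 22' 'Port 23' 'PermitRootLogin no' > "$tmp"
    echo "Port 23 added alone:  $(effective_ports "$tmp")"

    # Constructed sample 2: both ports listed explicitly.
    printf '%s\n' 'Port 22' 'Port 23' 'PermitRootLogin no' > "$tmp"
    echo "Port 22 and Port 23:  $(effective_ports "$tmp")"

    rm -f "$tmp"
}

demo
```

On the real machine, run it as effective_ports /etc/ssh/sshd_config, and let sshd validate the file itself with sshd -t before the restart.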
TIP: most places will have those 3 ports listed above open for any number of reasons I don’t care to divulge.
To find out what ports are open on a network, nmap is a useful utility to have around.