Re: opening port for SSH

All of lore.kernel.org
 help / color / mirror / Atom feed

From: bjorn@ruberg.no (Bjørn Ruberg)
To: netfilter@lists.netfilter.org
Subject: Re: opening port for SSH
Date: 14 Dec 2005 18:39:26 +0100	[thread overview]
Message-ID: <uizoe3jefxt.fsf@false.linpro.no> (raw)
In-Reply-To: <000001c600d3$c48640b0$0101000a@sterenborg.info>

"Rob Sterenborg" <rob@sterenborg.info> writes:

> > And, what's the means for "bindind the ssh server to a higher port"?
> 
> A "higher port" means a portnumber somewhere above 1024.
> Normally ssh binds to port 22/tcp (see above). In sshd_config you can
> tell it to bind to 49152 or something.

The important thing to know about high and low ports is that on *nix
systems, only the root user may bind a service to ports below 1024,
while regular users can start any kind of service and making it
available through TCP or UDP ports above and including 1024.

Because you don't want to run the risk of your SSH server being
replaced by some shady regular-user process which will gladly pick up
your login credentials, the smart thing is to bind services like SSH
to ports below 1024.

-- 
Bjørn

next prev parent reply	other threads:[~2005-12-14 17:39 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-12-08 13:43 opening port for SSH Edwin Kapauni
2005-12-08 14:23 ` /dev/rob0
2005-12-09 14:23 ` Georgi Alexandrov
2005-12-09 14:42   ` myhapwcforever
2005-12-09 15:37     ` Georgi Alexandrov
2005-12-14 16:02       ` Edwin Kapauni
2005-12-14 17:28         ` Rob Sterenborg
2005-12-14 17:39           ` Bjørn Ruberg [this message]
2005-12-14 20:36             ` Nick Drage
2005-12-14 22:06               ` Bjørn Ruberg
2005-12-14 20:46             ` Georgi Alexandrov
2005-12-10 14:43   ` myhapwcforever

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=uizoe3jefxt.fsf@false.linpro.no \
    --to=bjorn@ruberg.no \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.