This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Change SSH port
#1
Hello,

I just upgraded to 2.0.3 Beta and I notice there is no way I can manage to make sshd to work on a different port than 22.
I think to remember it used to happen in previous versions and that I got it working, but cannot remember how.

Steps to reproduce:
Flash a clean 2.0.3 image. After start for the first time edit /etc/ssh/sshd_config:

Code:
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options override the
# default value.

Port 2222 
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

Uncomment the #Port 22 line and change to any suitable port.

Restart the board, and see how SSH is still on port 22, and under init process, not sshd as it should be:


Code:
$ sudo netstat -ntpl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name     
tcp        0      0 0.0.0.0:5355            0.0.0.0:*               LISTEN      632/systemd-resolve  
tcp6       0      0 :::22                   :::*                    LISTEN      1/init               
tcp6       0      0 :::5355                 :::*                    LISTEN      632/systemd-resolve

If you manually restart the process, it get's started but init process and port 22 remains there:

Code:
$ sudo systemctl restart sshd.service
$ sudo netstat -ntpl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name     
tcp        0      0 0.0.0.0:2222            0.0.0.0:*               LISTEN      663/sshd             
tcp        0      0 0.0.0.0:5355            0.0.0.0:*               LISTEN      632/systemd-resolve  
tcp6       0      0 :::22                   :::*                    LISTEN      1/init               
tcp6       0      0 :::2222                 :::*                    LISTEN      663/sshd             
tcp6       0      0 :::5355                 :::*                    LISTEN      632/systemd-resolve

I have tried to add network service as a dependency to /etc/init.d/ssh and force the restart on rc.local without success.

The file /etc/network/if-up.g/openssh-server whit is intended to fix this issue, is on it's place and looks good to me:

Code:
cat /etc/network/if-up.d/openssh-server
#! /bin/sh
# Reload the OpenSSH server when an interface comes up, to allow it to start
# listening on new addresses.

set -e

# Don't bother to restart sshd when lo is configured.
if [ "$IFACE" = lo ]; then
       exit 0
fi

# Only run from ifup.
if [ "$MODE" != start ]; then
       exit 0
fi

# OpenSSH only cares about inet and inet6. Get ye gone, strange people
# still using ipx.
if [ "$ADDRFAM" != inet ] && [ "$ADDRFAM" != inet6 ]; then
       exit 0
fi

# Is /usr mounted?
if [ ! -e /usr/sbin/sshd ]; then
       exit 0
fi

if [ ! -f /run/sshd.pid ] || \
  [ "$(ps -p "$(cat /run/sshd.pid)" -o comm=)" != sshd ]; then
       exit 0
fi

# We'd like to use 'reload' here, but it has some problems; see #502444.  On
# the other hand, repeated restarts of ssh make systemd unhappy
# (#756547/#757822), so use reload in that case.
if [ -d /run/systemd/system ]; then
       systemctl reload --no-block ssh.service >/dev/null 2>&1 || true
else
       invoke-rc.d ssh restart >/dev/null 2>&1 || true
fi

exit 0

What is supposedly the method to change SSH port on TinkerOS?

Br,
Tony
Reply
#2
Open /etc/ssh/sshd_config with a text editor
Code:
sudo leafpad /etc/ssh/sshd_config
Uncomment and change this
Code:
#Port 22
to
Port 2222
Then restart sshd and login
Code:
sudo service sshd restart
ssh linaro@192.168.1.5 -p 2222

Edit: My bad. You are correct. A reboot sets the port back to 22. I'll play with it a bit.

Edit 2: I was successful using /etc/rc.local. Open with a text editor
Code:
sudo leafpad /etc/rc.loca
Then add this just above "exit 0"
Code:
service sshd restart
Reboot.

I found a way to restart the sshd service without leaving both ports open. Not the cleanest, but it works.

Open /home/linaro/.config/lxsession/LXDE/autostart with a text editor and add this
Code:
@sudo service sshd restart
Reply
#3
Question 
I'm still getting this issue in 09/2018 with a fresh install!  Huh
Reply
#4
For my taste, I'd just take the SD card -or plug to read the eMMC- to PC, and correct the relevant bits from the same source used to install the TinkerOS. Of course, unless you have so many difficulties to do so.
If it is done during a ssh session the effects are taken once the session is closed and the service will be restarted. So, there might be a little script that will give few seconds to log you out then restart the service.
Light blue words might be a link. Have you try to click on them? Big Grin
Reply
#5
Hi AntonyMCs,

Update the information that the Tinker Board default use ssh.socket instead of ssh.service, if you would like to change ssh port,
please modify the config file in /lib/systemd/system/sshd.socket.

If you prefer to use ssh.service, please try this command:
Quote:systemctl disable ssh.socket

Then the next reboot will default use ssh.service, so you can modify its config file in /etc/ssh/sshd_config.

By the way, of cause you can still add the line
Quote:systemctl restart ssh.service 
in your booting script, once the restart command running, the ssh will change from ssh.socket to ssh.service automatically.

If any problem, please let me know.
Thank you!
[-] The following 2 users Like ychou's post:
  • JRARocketer, petergloor
Reply
#6
(10-01-2018, 08:39 AM)ychou Wrote: Hi AntonyMCs,

Update the information that the Tinker Board default use ssh.socket instead of ssh.service, if you would like to change ssh port,
please modify the config file in /lib/systemd/system/sshd.socket.

If you prefer to use ssh.service, please try this command:
Quote:systemctl disable ssh.socket

Then the next reboot will default use ssh.service, so you can modify its config file in /etc/ssh/sshd_config.

By the way, of cause you can still add the line
Quote:systemctl restart ssh.service 
in your booting script, once the restart command running, the ssh will change from ssh.socket to ssh.service automatically.

If any problem, please let me know.
Thank you!

Is this documented anywhere ??
I have been struggling with this!

Thanks very much for your help @ychou
Reply
#7
I've been struggling with this issue, too. I've never seen ssh.socket enabled per default in any Debian distribution. Is there an advantage of using ssh.socket?
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)