How to make SSH listen on multiple ports?

Klaus Warzecha

Member
Registered
Joined
Nov 10, 2016
Messages
42
Points
8
Is it possible to set ssh listen on two ports or more than that?

I am running ssh on port 22 but I would to have another ports for it.

Or can I make SSH listen a new port without configurations?
 

racksandcloud

Well-known member
Registered
Joined
May 18, 2017
Messages
89
Points
0
Yes, SSH can listen on multiple ports. Edit sshd_config file and add the new port number.

Port 22
Port 5555
Port 3124

Then restart sshd.
 

AlbaHost

Well-known member
Moderator
Hosting Provider
Joined
Jan 18, 2017
Messages
809
Points
43
Is it possible to set ssh listen on two ports or more than that?

I am running ssh on port 22 but I would to have another ports for it.

Or can I make SSH listen a new port without configurations?
While everyone is trying to hide and restrict ports for security reason, why would you have more than one default port btw?
 

Klaus Warzecha

Member
Registered
Joined
Nov 10, 2016
Messages
42
Points
8
Yes, SSH can listen on multiple ports. Edit sshd_config file and add the new port number.

Port 22
Port 5555
Port 3124

Then restart sshd.
Thanks @racksandcloud, I will try these on my VPS and will let you know if it works.

While everyone is trying to hide and restrict ports for security reason
Why it has security issues? it should not have multiple ports?

why would you have more than one default port btw?
I think multiply choices will be better than a choice.
 

AlbaHost

Well-known member
Moderator
Hosting Provider
Joined
Jan 18, 2017
Messages
809
Points
43
AlbaHost
Yeah, multiple ssh ports = multiple ways to bruteforce/ddos your server.
 

Klaus Warzecha

Member
Registered
Joined
Nov 10, 2016
Messages
42
Points
8
Klaus Warzecha
Can you elaborate this?
I don't think they can find out new ports that I named and bruteforce them.
 

mobin

Well-known member
Registered
Joined
Jun 22, 2017
Messages
234
Points
28
mobin
It is easy to find the new ports unless you limit the new ports to certain networks using the firewall rules. Port scanning is a widely using method to find the services running on the server, detect more possible details and try to exploit based on the details gathered [ like detecting an old software version running and attempt to break using a known vulnerability in the particular software version ]. Service like SSH, which provides ultimate access to the server is super sensitive and normally it is advised to limit access to it as much possible. So using multiple ports means you are opening more doors to public and more headache to the firewall as well because the attacks can come through multiple ports. The suggested way is to use a non-standard port and block port 22; that will help to reduce the brute-force attempts using the defaults port at least.
 

24x7serverman

Well-known member
Hosting Provider
Registered
Joined
Jul 25, 2017
Messages
651
Points
28
You can enable the SSH access for various ports using command line (SSH to your server with root access )

1. Login to your server using SSH access.

2. Edit the firewall configuration file on this location - /etc/ssh/sshd_config
( You can use your choice of editor to edit the firewall configuration file. You can use vi or nano command.)

3. You will find the below code in sshd_config file -
#Port 22

You will need to replace port 22 with the port number for which you would like to provide the SSH access.

4. Once you will done then restart the Firewall service. You can restart the firewall using below command -
service sshd restart

That's it!

Please note, it is not recommended to enable the SSH access for various ports due to security purpose. It will increase the attacks using the open ports. Attacker will have multiple ports open for the attack so you are inviting the attacker. So for server safety, do not open multiple ports for SSH access.
 
Newer Threads
Latest Threads
Recommended Threads

Latest Hosting OffersNew Reviews

Sponsors

Tag Cloud

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.

Top