Linux Format forums Forum Index Linux Format forums
Help, discussion, magazine feedback and more
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Disabling SSH via Port 443

 
Post new topic   Reply to topic    Linux Format forums Forum Index -> Help!
View previous topic :: View next topic  
Author Message
nigel.taylor



Joined: Tue Mar 13, 2012 10:33 am
Posts: 6
PostPosted: Wed May 02, 2012 6:04 pm    Post subject: Disabling SSH via Port 443 Reply with quote
Hi Guys,

Basically I am very much in the newbie catagory in terms of Linux skills.

Basically we had a contractor in who setup a Ubunut Server up for us and I know he enabled himself to access the server from home by proxying through port 443. The contractor no longer works for us.

Is anyone able to advise me on where I can look on the server to get this disabled? The server in question is going to be used as a webserver.

Nigel
Back to top
View user's profile Send private message
purplepenguin



Joined: Wed Oct 05, 2011 3:19 pm
Posts: 36
Location: Blissfully at the Command Line
PostPosted: Sun May 06, 2012 7:11 pm    Post subject: Reply with quote
Hi I use ssh and sshfs on my home LAN I am not a ssh guru but this is what I would try.

Log into your router's admin page and disable port forwarding from port 443

Look in /etc/ssh/ssh.config or sshd.config look for refs to port 443 and read the comments. If confident either change or comment out the 443 referances.

Do you know which account the person would log on through? and do they use a password or rsa key?
If say they log on via an account called admin with a password change the password. If they created their own account to administer your server remotely you could disable or remove the account.

If you want to change another user accounts password logon to your system as root and

Code:
# passwd username


you will then be asked to enter and re-enter a new unix password for that user account.

Good luck

[/code]
Back to top
View user's profile Send private message
MartyBartfast
LXF regular


Joined: Mon Aug 22, 2005 8:25 am
Posts: 785
Location: Hants, UK
PostPosted: Sun May 06, 2012 10:12 pm    Post subject: Reply with quote
purplepenguin wrote:

Log into your router's admin page and disable port forwarding from port 443


You probably don't want to do that. If you're intending this server to be a webserver then you almost certainly will need port 443 forwarded, which is presumable why this guy chose to have ssh listening on that port , as that he knew he could always get through the router.

I agree with editing /etc/ssh/sshd_config and comment out anything that looks like "Port 443", it should normally listen on port 22, so there will probably be a line in there for that which can be left, but I would be suspicious of any other port definitions.

Note there may also be a line something like
Code:

Listen 1.2.3.4:443

which might also need to be removed.

The best way to remove these lines is to stick a "#" at the start of the line, then they become comments and you can easily put everything back if you screw up.

Once you've edited sshd_config you need to restart sshd, I can't remember how to do that in Ubuntu but if you can reboot the box then that will do it.

As for passwords, if you don't trust this person then the only option you have is to change ALL the passwords, on top of which he may be using an ssh key, so things get more complicated as it's possible you've got legitimate internal ssh keys and they can be virtually impossible to identify where they came from.

[/code]
_________________
I have been touched by his noodly appendage.
Back to top
View user's profile Send private message
nigel.taylor



Joined: Tue Mar 13, 2012 10:33 am
Posts: 6
PostPosted: Fri May 11, 2012 11:03 am    Post subject: Update Reply with quote
Hi Guys,

I have had a look in /etc/ssh/sshd_config and yes in there is a section that reads

#What ports, IPs and protocols we listen for
Port 22
Port 443

Would I be right in saying that I just need to comment out the line reading Port 443 and restart the SSH Service?

Regards,

Nigel
Back to top
View user's profile Send private message
MartyBartfast
LXF regular


Joined: Mon Aug 22, 2005 8:25 am
Posts: 785
Location: Hants, UK
PostPosted: Fri May 11, 2012 11:11 am    Post subject: Re: Update Reply with quote
nigel.taylor wrote:

Would I be right in saying that I just need to comment out the line reading Port 443 and restart the SSH Service?


Yes.
_________________
I have been touched by his noodly appendage.
Back to top
View user's profile Send private message
nigel.taylor



Joined: Tue Mar 13, 2012 10:33 am
Posts: 6
PostPosted: Fri May 11, 2012 11:15 am    Post subject: Update Reply with quote
Excellent, I ahve just done that and everything still seems to be running okay.

Thank you very much for you help.

Much Appreciated.

Nigel
Back to top
View user's profile Send private message
View previous topic :: View next topic  
Display posts from previous:   
Post new topic   Reply to topic    Linux Format forums Forum Index -> Help! All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Linux Format forums topic RSS feed 


Powered by phpBB © 2001, 2005 phpBB Group


Copyright 2011 Future Publishing, all rights reserved.


Web hosting by UKFast