Topic: Changing SSH port makes PRIVATE???

[paulmancan2]

Thanks for any help.

I notice when I used the described fragments to change the SSHD port I am no longer able to access from outside the network? I know that the ports are not being blocked. What am I missing?

[egerards]

So if I understand it correctly, you are running sshd on another port than port 22. I am doing something similar by telling my external firewall to forward port XXXX to internal port 22 on my SME server.

If you want to access your SME box on the alternative ssh port, you do it like this (let's say the port nr. is 6666): ssh yourdomain.com -p 6666
If that doesn't work I doubt that the port is really open.

[ldkeen]

If you are going to run your ssh server on a non standard port then you will also need to open that port on the firewall, either that or use port forwarding as Eric described.
Regards Lloyd

[paulmancan2]

Thanks guys. Do you know what the difference is if any between port forwarding and port opening? I have done plenty of port forwarding with the appropriate contrib but this is to machines behind the box. It would seem to make sense that I would use port openeing instead since the box is the SSH daemon.

[Deamon]

Port opening is for the sme server local, port forwarding gives you the opportunity to run a server (e.g. game server) behind the sme server.

Regards,
Ronald

[paulmancan2]

I understand they conceptual difference between port forwarding and opening, but thanks anyway.

What I don't get is why the great Charlie Brady would suggest port forwarding instead of openening:
" ...search here would tell you there's no point in opening ports on the SME server. You just need to port forward. There's a panel for doing that..."

???

The other question I have is when changing the SSHD port SSHD will be directed to listen on the new port but should settings also be changed in the services file?

[Deamon]

What I don't get is why the great Charlie Brady would suggest port forwarding instead of openening:
" ...search here would tell you there's no point in opening ports on the SME server. You just need to port forward. There's a panel for doing that..."

As far as I understand firewalling, port opening is open a port without (packet)filtering, this means that everything is forwarded without any check of content.
So if instead of opening you could also do a portforwarding to you're internal ip of the SME server.

You're second question, i don't know, what i did, on my router I changed the listening port and redirect it to 22, it works fine for me.

Ronald