Linux Format forums

Update

nigel.taylor — Fri May 11, 2012 11:15 am

Author: nigel.taylor

Posted: Fri May 11, 2012 11:15 am

Excellent, I ahve just done that and everything still seems to be running okay.

Thank you very much for you help.

Much Appreciated.

Nigel

Re: Update

MartyBartfast — Fri May 11, 2012 11:11 am

Author: MartyBartfast

Posted: Fri May 11, 2012 11:11 am

nigel.taylor wrote:

Would I be right in saying that I just need to comment out the line reading Port 443 and restart the SSH Service?

Yes.

Update

nigel.taylor — Fri May 11, 2012 11:03 am

Author: nigel.taylor

Posted: Fri May 11, 2012 11:03 am

Hi Guys,

I have had a look in /etc/ssh/sshd_config and yes in there is a section that reads

#What ports, IPs and protocols we listen for
Port 22
Port 443

Would I be right in saying that I just need to comment out the line reading Port 443 and restart the SSH Service?

Regards,

Nigel

Re: Disabling SSH via Port 443

MartyBartfast — Sun May 06, 2012 10:12 pm

Author: MartyBartfast

Posted: Sun May 06, 2012 10:12 pm

purplepenguin wrote:

Log into your router's admin page and disable port forwarding from port 443

You probably don't want to do that. If you're intending this server to be a webserver then you almost certainly will need port 443 forwarded, which is presumable why this guy chose to have ssh listening on that port , as that he knew he could always get through the router.

I agree with editing /etc/ssh/sshd_config and comment out anything that looks like "Port 443", it should normally listen on port 22, so there will probably be a line in there for that which can be left, but I would be suspicious of any other port definitions.

Note there may also be a line something like

Code:

Listen 1.2.3.4:443

which might also need to be removed.

The best way to remove these lines is to stick a "#" at the start of the line, then they become comments and you can easily put everything back if you screw up.

Once you've edited sshd_config you need to restart sshd, I can't remember how to do that in Ubuntu but if you can reboot the box then that will do it.

As for passwords, if you don't trust this person then the only option you have is to change ALL the passwords, on top of which he may be using an ssh key, so things get more complicated as it's possible you've got legitimate internal ssh keys and they can be virtually impossible to identify where they came from.

[/code]

Re: Disabling SSH via Port 443

purplepenguin — Sun May 06, 2012 7:11 pm

Author: purplepenguin

Posted: Sun May 06, 2012 7:11 pm

Hi I use ssh and sshfs on my home LAN I am not a ssh guru but this is what I would try.

Log into your router's admin page and disable port forwarding from port 443

Look in /etc/ssh/ssh.config or sshd.config look for refs to port 443 and read the comments. If confident either change or comment out the 443 referances.

Do you know which account the person would log on through? and do they use a password or rsa key?
If say they log on via an account called admin with a password change the password. If they created their own account to administer your server remotely you could disable or remove the account.

If you want to change another user accounts password logon to your system as root and

Code:

# passwd username

you will then be asked to enter and re-enter a new unix password for that user account.

Good luck

[/code]

Disabling SSH via Port 443

nigel.taylor — Wed May 02, 2012 6:04 pm

Author: nigel.taylor

Posted: Wed May 02, 2012 6:04 pm

Hi Guys,

Basically I am very much in the newbie catagory in terms of Linux skills.

Basically we had a contractor in who setup a Ubunut Server up for us and I know he enabled himself to access the server from home by proxying through port 443. The contractor no longer works for us.

Is anyone able to advise me on where I can look on the server to get this disabled? The server in question is going to be used as a webserver.

Nigel