-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Martin Hermanowski wrote: > On Sat, Jan 14, 2006 at 01:58:55PM +0100, Michael Przysucha wrote: > >>Hello, >> >>I want to use ssh on two ports, 22 (standart) and 666. Can anybody tell how >>to configure it? My first thought was to >>simply add the second port nubmer in the configuration but did not work. >>Second was to set up iptables route the port >>but seems to be a bit to oversized!? >> >>I use Debian 2.4.27-2-386, running openSSH. The machine is located behind a >>NAT-router and I do not want to open >>port 22 due to beeing attaced continiously by ssh-scans. >>I do need port 22 for internal use, 666 or any other port would be my >>outbound port for accessing the system from the >>internet. >> >>Does anyone hay an idea how to solve the problem? > > > If you are already using iptables, I would suggest to REDIRECT port 666 > to port 22. > > You could also run rinetd, but then you would lose the source > information. >
Port Forward port 666 on the NAT-Router to port 22 on your local machine. This may be the same as parent, but I wasn't sure if he was talking on the NAT-router or local machine, so I thought I'd rephrase it with my words. I port forward a couple different ports on my firewall to internal machines, but I can still hit them on 22 internally.... - -- - -------------------------------------------------------------------------------- Always leave room to add an explanation if it doesn't work out. Saturday Jan 14, 2006 - -------------------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iQEVAwUBQ8kmCK3rZxntQpytAQLmLgf/bTyJMppBvB4L81wCxVke920QSKePfuPf SIEDIdkU3/nzsAWJLE+DruSkejdQYfLYqpYmSsvOnBCdnXOXy51Iop+ZRx/8EimV 5TGQ9FbBpbLRLhsYWZ188v5c4zF5mLd7jY926qJn5gumExg4gMkGFHAQLNJVi1/I MXxDpEbHPjbZI26nd4Yj6s9gNLBdlHTfLcbifFxsnENRraNQIh1QcIMQ++9BVvQJ 3bsCJO6Ld5tYzZHFtAIeBgWaS9/Ykv2r2Uw+z8vjv9nwewqXXs0ShqYIEmVCT5pO Bwjk25sijUP0bMisgtgezIq1QgiY0Jmh3Rj/QyUYtlzKZJhnlGm3tA== =IkAN -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]