There are many options - depending on the actual setup:
- You can move SSHD to a non-standard port on all interfaces - easy to do when
setting up the server - just call "setPort" on the SshServer instance- You can
bind SSHD to a specific interface (e.g., 127.0.0.1)om port 22 and bind SFTP to
the public interface on port 22 - easy to do just call "setAddress" (or
something to that effect) on the SshServer instance
I could think of more exotic options - e.g. similar to sslh, using HAPROXY,
etc., etc.
> From: [email protected]
> Date: Mon, 20 Jun 2016 12:10:26 +0530
> Subject: Re: Partial Disabling of port 22 using apache-mina SSHD
> To: [email protected]
>
> Hi elijah,
>
> The requirement is to block port 22 for SSH and accept SFTP connections on
> Port 22. Is there a class/method that can help us achieve the aim?
>
> -Garima Jain.
>
> On Fri, Jun 17, 2016 at 3:27 PM, elijah baley <[email protected]> wrote:
>
> > Is there some reason your code cannot examine the incoming client address
> > and reject it if it does not match some specified criteria (e.g., mask,
> > network, closed group of IPs - whatever...) ?
> >
> > > From: [email protected]
> > > Date: Fri, 17 Jun 2016 14:50:51 +0530
> > > Subject: Partial Disabling of port 22 using apache-mina SSHD
> > > To: [email protected]
> > >
> > > Hi,
> > >
> > >
> > >
> > > We are using com.springsource.org.apache.mina-1.0.2.jar in our product.
> > > The requirement is to disable port 22 for all incoming traffic over SSH
> > but
> > > the same port is required to communicate with few IP’s over 22. Is there
> > a
> > > way to handle selective port blocking?
> > >
> > >
> > > -Garima Jain.
> >
> >
