Hey, What shell commands can be executed and how? Or how to provide tunnel? Can you provide sample code for the same?
Any methods from sftp class? -Garima Jain On Jun 21, 2016 10:02 PM, "elijah baley" <[email protected]> wrote: > No, SFTP is not a protocol that runs on a specific port it is a > sub-protocol (actually a subsystem) of SSH. FYI, SSH enables opening > multiple channels on the same session. You can run shell commands (what > many mistakenly call SSH) SFTP and SCP as well as tunnels concurrently on > the same SSH session. The port is always 22 (SSH) for SFTP and SCP (and any > other channel - e.g. PROXY, SOCKS, etc...).. > > > From: [email protected] > > Date: Tue, 21 Jun 2016 11:42:58 +0530 > > Subject: Re: Partial Disabling of port 22 using apache-mina SSHD > > To: [email protected] > > > > Can I keep the port open for sftp and close for ssh? > > > > -Garima Jain. > > > > On Mon, Jun 20, 2016 at 10:33 PM, garima jain <[email protected]> > > wrote: > > > > > Thanks. Will use that. > > > > > > -Garima Jain > > > On Jun 20, 2016 10:31 PM, "Ashish" <[email protected]> wrote: > > > > > >> On Mon, Jun 20, 2016 at 9:43 AM, garima jain <[email protected] > > > > >> wrote: > > >> > Can we use black list/whitelist feature? > > >> > > >> This is what you should use. > > >> > > >> > > > >> > -Garima Jain > > >> > On Jun 20, 2016 10:12 PM, "elijah baley" <[email protected]> > wrote: > > >> > > > >> >> There are many options - depending on the actual setup: > > >> >> - You can move SSHD to a non-standard port on all interfaces - > easy to > > >> do > > >> >> when setting up the server - just call "setPort" on the SshServer > > >> instance- > > >> >> You can bind SSHD to a specific interface (e.g., 127.0.0.1)om port > 22 > > >> and > > >> >> bind SFTP to the public interface on port 22 - easy to do just call > > >> >> "setAddress" (or something to that effect) on the SshServer > instance > > >> >> I could think of more exotic options - e.g. similar to sslh, using > > >> >> HAPROXY, etc., etc. > > >> >> > From: [email protected] > > >> >> > Date: Mon, 20 Jun 2016 12:10:26 +0530 > > >> >> > Subject: Re: Partial Disabling of port 22 using apache-mina SSHD > > >> >> > To: [email protected] > > >> >> > > > >> >> > Hi elijah, > > >> >> > > > >> >> > The requirement is to block port 22 for SSH and accept SFTP > > >> connections > > >> >> on > > >> >> > Port 22. Is there a class/method that can help us achieve the > aim? > > >> >> > > > >> >> > -Garima Jain. > > >> >> > > > >> >> > On Fri, Jun 17, 2016 at 3:27 PM, elijah baley < > [email protected]> > > >> >> wrote: > > >> >> > > > >> >> > > Is there some reason your code cannot examine the incoming > client > > >> >> address > > >> >> > > and reject it if it does not match some specified criteria > (e.g., > > >> mask, > > >> >> > > network, closed group of IPs - whatever...) ? > > >> >> > > > > >> >> > > > From: [email protected] > > >> >> > > > Date: Fri, 17 Jun 2016 14:50:51 +0530 > > >> >> > > > Subject: Partial Disabling of port 22 using apache-mina SSHD > > >> >> > > > To: [email protected] > > >> >> > > > > > >> >> > > > Hi, > > >> >> > > > > > >> >> > > > > > >> >> > > > > > >> >> > > > We are using com.springsource.org.apache.mina-1.0.2.jar in > our > > >> >> product. > > >> >> > > > The requirement is to disable port 22 for all incoming > traffic > > >> over > > >> >> SSH > > >> >> > > but > > >> >> > > > the same port is required to communicate with few IP’s over > 22. > > >> Is > > >> >> there > > >> >> > > a > > >> >> > > > way to handle selective port blocking? > > >> >> > > > > > >> >> > > > > > >> >> > > > -Garima Jain. > > >> >> > > > > >> >> > > > > >> >> > > >> > > >> > > >> > > >> -- > > >> thanks > > >> ashish > > >> > > >> Blog: http://www.ashishpaliwal.com/blog > > >> My Photo Galleries: http://www.pbase.com/ashishpaliwal > > >> > > > >
