I would strongly suggest that you disable password/passphrase auth and use public key.
Common tools don’t care what port a service listens on, they scan them all and respond based on what information comes back. As such, many (perhaps even most now) now consider changing ports to be a waste of time. > On Apr 9, 2015, at 7:09 AM, Rich Shepard <[email protected]> wrote: > > The last business trip had ssh issues because I did not change the ssh > port number on my LAN firewall; Russell graciously brought that error to my > attention. Changed the firewall port number, reset it, and tested remote > access at the local library branch. Thought all would work as previously. > > That's not the case. Here I am, again 500 miles away, and when I tried to > ssh to my server to access mail and files, the attempts failed. traceroute > would reach a Frontier Tigard router then stop. Hmm-m-m. That should have > been fixed with the firewall ssh port number corrected. > > Searching the Web for an answer I came upon this site: > <http://www.infobyip.com/sshservertest.php>. Entered the sub-domain name and > port number, clicked the 'Check' button, and a couple of seconds later was > rewarded with: > > Connected to <domainname>:<port number> > PASS Server fingerprint is B971680C85D08A84CF882D9F9E0DAE6A > > Back to a v.t. and re-try. Now I get a message that the new IP address > (Frontier chages them every hour from about 17:30 one day to 06:50 the next > day) is not recognized as an allowed host, but the passphrase prompt is > presented. Entering that string allows me entry to my server, obviously, > because I'm sending this message from it. > > My question is why ssh and traceroute might now be failing until the web > site tests the connection, then it works from a shell? The next question is > what I might do to avoid having this extra step when remotely connecting > since that has not happened prior to my changing the ssh port number and the > authentification from password to passphrase. Perhaps they have nothing to > do with the issue but it's a hassle I'd much like to resolve. > > Will check later this afternoon when meetings are over and I'm back in the > hotel. > > TIA, > > Rich > _______________________________________________ > PLUG mailing list > [email protected] > http://lists.pdxlinux.org/mailman/listinfo/plug -- Louis Kowolowski [email protected] <mailto:[email protected]> Cryptomonkeys: http://www.cryptomonkeys.com/ <http://www.cryptomonkeys.com/> Making life more interesting for people since 1977
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ PLUG mailing list [email protected] http://lists.pdxlinux.org/mailman/listinfo/plug
