Diffstat (limited to 'zarb-ml/mageia-discuss/2012-September/008648.html')
-rw-r--r-- zarb-ml/mageia-discuss/2012-September/008648.html 119
1 files changed, 119 insertions, 0 deletions
diff --git a/zarb-ml/mageia-discuss/2012-September/008648.html b/zarb-ml/mageia-discuss/2012-September/008648.html
new file mode 100644
index 000000000..595715990
--- /dev/null
+++ b/zarb-ml/mageia-discuss/2012-September/008648.html
@@ -0,0 +1,119 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
+<HTML>
+ <HEAD>
+ <TITLE> [Mageia-discuss] Setting up a port forward
+ </TITLE>
+ <LINK REL="Index" HREF="index.html" >
+ <LINK REL="made" HREF="mailto:mageia-discuss%40mageia.org?Subject=Re%3A%20%5BMageia-discuss%5D%20Setting%20up%20a%20port%20forward&In-Reply-To=%3C1721463.7DyK11YbTz%40pip%3E">
+ <META NAME="robots" CONTENT="index,nofollow">
+ <META http-equiv="Content-Type" content="text/html; charset=us-ascii">
+
+ <LINK REL="Next" HREF="008653.html">
+ </HEAD>
+ <BODY BGCOLOR="#ffffff">
+ <H1>[Mageia-discuss] Setting up a port forward</H1>
+ <B>Deri James</B>
+ <A HREF="mailto:mageia-discuss%40mageia.org?Subject=Re%3A%20%5BMageia-discuss%5D%20Setting%20up%20a%20port%20forward&In-Reply-To=%3C1721463.7DyK11YbTz%40pip%3E"
+ TITLE="[Mageia-discuss] Setting up a port forward">deri at chuzzlewit.myzen.co.uk
+ </A><BR>
+ <I>Sat Sep 1 00:16:27 CEST 2012</I>
+ <P><UL>
+
+ <LI>Next message: <A HREF="008653.html">[Mageia-discuss] Setting up a port forward
+</A></li>
+ <LI> <B>Messages sorted by:</B>
+ <a href="date.html#8648">[ date ]</a>
+ <a href="thread.html#8648">[ thread ]</a>
+ <a href="subject.html#8648">[ subject ]</a>
+ <a href="author.html#8648">[ author ]</a>
+ </LI>
+ </UL>
+ <HR>
+<!--beginarticle-->
+<PRE>On Friday 31 Aug 2012 22:42:26 Thomas Backlund wrote:
+&gt;<i> Why not simply have sshd listen on 2 ports and skip need for port
+</I>&gt;<i> forwarding?
+</I>&gt;<i>
+</I>&gt;<i>
+</I>&gt;<i> Just uncomment the &quot;Port 22&quot; line in /etc/ssh/sshd_config
+</I>&gt;<i> and add a second line with the second port
+</I>&gt;<i>
+</I>&gt;<i> so it would look like
+</I>&gt;<i>
+</I>&gt;<i> Port 22
+</I>&gt;<i> Port 5122
+</I>&gt;<i>
+</I>&gt;<i> and restart sshd
+</I>&gt;<i>
+</I>&gt;<i> with this all access that expects port 22 will continue to work,
+</I>&gt;<i> and you can also access it through the new 5122 port.
+</I>&gt;<i>
+</I>&gt;<i> Simple and effective, and no portforwarding needed.
+</I>&gt;<i>
+</I>&gt;<i> --
+</I>&gt;<i> Thomas
+</I>
+And add 5122/tcp to the &quot;Advanced&quot; tab in MCC -&gt; Security -&gt; Personal Firewall
+(if you are using a personal firewall).
+
+If the server is accessible from the internet I would recommend some further
+changes to sshd_conf. This is what I use (assuming this is a server for
+personal use, not with hundreds of users connecting):-
+
+=================================================
+
+LoginGraceTime 120
+PermitRootLogin no
+
+TCPKeepAlive yes
+
+AllowUsers -&gt;your user name here&lt;-
+MaxStartups 2:90:4
+
+==================================================
+
+The &quot;MaxStartups&quot; parameter deters the script kiddies trying to guess the
+password:-
+
+
+MaxStartups
+========
+
+Specifies the maximum number of concurrent unauthenticated connections to the
+SSH daemon. Additional connections will be dropped until authentication
+succeeds or the LoginGraceTime expires for a connection. The default is 10.
+
+Alternatively, random early drop can be enabled by specifying the three colon
+separated values &#8220;start:rate:full&#8221; (e.g. &quot;10:30:60&quot;). sshd(8) will refuse
+connection attempts with a probability of &#8220;rate/100&#8221; (30%) if there are
+currently &#8220;start&#8221; (10) unauthenticated connections. The probability increases
+linearly and all connection attempts are refused if the number of
+unauthenticated connections reaches &#8220;full&#8221; (60).
+
+Cheers
+
+Deri
+
+</PRE>
+
+
+
+<!--endarticle-->
+ <HR>
+ <P><UL>
+ <!--threads-->
+
+ <LI>Next message: <A HREF="008653.html">[Mageia-discuss] Setting up a port forward
+</A></li>
+ <LI> <B>Messages sorted by:</B>
+ <a href="date.html#8648">[ date ]</a>
+ <a href="thread.html#8648">[ thread ]</a>
+ <a href="subject.html#8648">[ subject ]</a>
+ <a href="author.html#8648">[ author ]</a>
+ </LI>
+ </UL>
+
+<hr>
+<a href="https://www.mageia.org/mailman/listinfo/mageia-discuss">More information about the Mageia-discuss
+mailing list</a><br>
+</body></html>
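Review bot: The archived settings block pairs `MaxStartups 2:90:4` with `LoginGraceTime 120`, and the sentence under it presents MaxStartups as a deterrent to password guessing, but per the description quoted in the same message it only caps concurrent unauthenticated connections. With these values, refusal starts at 90% once 2 connections are pending and reaches 100% at 4, and each pending connection can be held for the full 120 seconds, so the same limit also refuses the legitimate user while those slots are occupied. If this text is to be reused as guidance, note that trade-off next to the block; a shorter LoginGraceTime narrows the window. Two smaller points in the same message body: "sshd_conf" should read sshd_config to match the /etc/ssh/sshd_config path in the quoted reply, and the `AllowUsers` line is a placeholder that has to be replaced with a real account name before sshd is restarted, since AllowUsers restricts logins to the names listed.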