Hi, I've setup a small LAN of two desktops running CentOS 5 in a medical office. Both are connected to the Internet via a small modem/router. Recently I played around with FreeNX on my own desktop, and I'd like to install it on these two computers. On my PC, I just redirected port 22 in the router, so SSH (and thus FreeNX) requests from the outside get redirected to my desktop PC. (And yes, I have a strong password :oD) I'd like to handle the two PCs from the medical office remotely with FreeNX. I figured that the best way to distinguish them would be to assign a different port for SSH to each of them, and then redirect each of the ports respectively. 1) How do I choose different port numbers for SSH ? Any conventions or caveats for this ? 2) How do I configure these different ports ? By that, I mean : how do I tell SSH to use them instead of port 22 ? Cheers, Niki
Niki Kovacs wrote:> Hi, > > I've setup a small LAN of two desktops running CentOS 5 in a medical > office. Both are connected to the Internet via a small modem/router. > > Recently I played around with FreeNX on my own desktop, and I'd like to > install it on these two computers. On my PC, I just redirected port 22 > in the router, so SSH (and thus FreeNX) requests from the outside get > redirected to my desktop PC. (And yes, I have a strong password :oD) > > I'd like to handle the two PCs from the medical office remotely with > FreeNX. I figured that the best way to distinguish them would be to > assign a different port for SSH to each of them, and then redirect each > of the ports respectively. > > 1) How do I choose different port numbers for SSH ? Any conventions or > caveats for this ? >Choose a random unused high port number (above 1023) http://www.iana.org/assignments/port-numbers.> 2) How do I configure these different ports ? By that, I mean : how do I > tell SSH to use them instead of port 22 ? >http://wiki.centos.org/HowTos/Network/SecuringSSH#head-3579222198adaf43a3ecbdc438ebce74da40d8ec
Niki Kovacs wrote:> Hi, > > I've setup a small LAN of two desktops running CentOS 5 in a medical > office. Both are connected to the Internet via a small modem/router. > > Recently I played around with FreeNX on my own desktop, and I'd like to > install it on these two computers. On my PC, I just redirected port 22 > in the router, so SSH (and thus FreeNX) requests from the outside get > redirected to my desktop PC. (And yes, I have a strong password :oD) > > I'd like to handle the two PCs from the medical office remotely with > FreeNX. I figured that the best way to distinguish them would be to > assign a different port for SSH to each of them, and then redirect each > of the ports respectively. > > 1) How do I choose different port numbers for SSH ? Any conventions or > caveats for this ? > > 2) How do I configure these different ports ? By that, I mean : how do I > tell SSH to use them instead of port 22 ?You don't really need to change the ports on the hosts. Just configure the router to accept different ports on the internet side and redirect to port 22 at the different IP addresses on the inside. Then you only have to change the client settings for access from outside. I'd move both of them away from port 22 on the outside, though - you'll avoid a lot of password guessing attempts that will happen otherwise. -- Les Mikesell lesmikesell at gmail.com
On Sunday 21 March 2010 10:54, Niki Kovacs wrote:> Recently I played around with FreeNX on my own desktop, and I'd like to > install it on these two computers. On my PC, I just redirected port 22 > in the router, so SSH (and thus FreeNX) requests from the outside get > redirected to my desktop PC. (And yes, I have a strong password :oD)There was a lot of information given to you about this, but one piece I didn't see. If you are using SSH then why not switch from password authentication to Key authentication? Thus should someone figure out what port you are using, and today it isn't that hard with the many tools out there, they still will not be able to connect. -- Regards Robert Linux User #296285 http://counter.li.org
On Sun, 2010-03-21 at 15:54 +0100, Niki Kovacs wrote:> I'd like to handle the two PCs from the medical office remotely with > FreeNX. I figured that the best way to distinguish them would be to > assign a different port for SSH to each of them, and then redirect each > of the ports respectively.I think the best option would be to use a freenx proxy server. Then, you only need to forward the standard ssh port to the proxy server. Once you're connected to the proxy machine, you could connect to any freenx server on the LAN. Regards, Ranbir