I see your point and that makes valid sense; I even change default port.

"It would be better to let you know the port is wrong and fail to start
until you fixed the problem and selected a valid non-standard port."

Is there any reason something like this isn't implemented already? Could it
be implemented?

On Thu, Jul 30, 2015 at 2:02 PM Ron Frederick <ronf at timeheart.net> wrote:

> On Jul 30, 2015, at 1:30 PM, Stop Spazzing <stopspazzing at gmail.com> wrote:
>
> I would like to suggest adding a fallback in the event that somehow the
> sshd_config port number is invalid.
>
> Example:
> Port != (1<= or >=65535)
>
> By default fall back to port 22, and spit out an error. Same would go for if
> the new port is already in use, fall back to port 22 and spit out an error.
>
> Why is this a good idea? Would be a good idea because people are human and
> make mistakes, and you shouldn't have to wipe your server just because an
> invalid port was used by accident.
>
> Why is this a bad idea? I see no reason why this would be a bad idea that I
> am aware of.
>
>
> I can think of at least one reason why this is a bad idea. There are a lot
> of ssh port scanners out there connecting on port 22, and people often put
> their ssh servers on non-standard ports to reduce the amount of this sort
> of traffic they receive. If you think you have configured a non-standard
> port and happen to get it wrong, I don't think you'd want the SSH server to
> start up on the default port. It would be better to let you know the port
> is wrong and fail to start until you fixed the problem and selected a valid
> non-standard port.
>
> --
> Ron Frederick
> ronf at timeheart.net

On Thu, 30 Jul 2015, Stop Spazzing wrote:

> I see your point and that makes valid sense; I even change default port.
>
> "It would be better to let you know the port is wrong and fail to start
> until you fixed the problem and selected a valid non-standard port."
>
> Is there any reason something like this isn't implemented already? Could it
> be implemented?

sshd -t

--
Tim Rice Multitalents
tim at multitalents.net

On Thu, 30 Jul 2015, Stop Spazzing wrote:

> I see your point and that makes valid sense; I even change default port.
>
> "It would be better to let you know the port is wrong and fail to start
> until you fixed the problem and selected a valid non-standard port."
>
> Is there any reason something like this isn't implemented already? Could it
> be implemented?

It is:

[djm at fuyu ssh]$ /usr/sbin/sshd -oPort=10000000
command-line line 0: Badly formatted port number.

Not sure what version you are using, but that check has been in place
for a long time.

Version being used is: OpenSSH_6.6.1. Was it added after this?
This is the default for Operating system Ubuntu Linux 14.04.2

On Thu, Jul 30, 2015 at 4:13 PM Damien Miller <djm at mindrot.org> wrote:

> On Thu, 30 Jul 2015, Stop Spazzing wrote:
>
> > I see your point and that makes valid sense; I even change default port.
> >
> > "It would be better to let you know the port is wrong and fail to start
> > until you fixed the problem and selected a valid non-standard port."
> >
> > Is there any reason something like this isn't implemented already? Could it
> > be implemented?
>
> It is:
>
> [djm at fuyu ssh]$ /usr/sbin/sshd -oPort=10000000
> command-line line 0: Badly formatted port number.
>
> Not sure what version you are using, but that check has been in place
> for a long time.
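
The check discussed in this thread, written as a pre-restart lint (an added example, not part of the original messages and not OpenSSH code). The function names check_ports and preflight are hypothetical; the script assumes awk is available and that Port values must be integers in 1..65535, and it calls sshd's own test mode (sshd -t) only when an sshd binary is found.

```shell
#!/bin/sh
# Added example: lint the Port directives of an sshd_config-style file
# before restarting sshd, so a typo fails loudly instead of after restart.
# check_ports and preflight are hypothetical names, not part of OpenSSH.

# check_ports FILE: print every Port line whose value is not an integer in
# 1..65535; return 0 when all Port lines are valid, 1 otherwise.
check_ports() {
    awk '
        BEGIN { bad = 0 }
        {
            sub(/#.*/, "")      # drop comments
            sub(/=/, " ")       # accept "Port=2222" as well as "Port 2222"
        }
        tolower($1) == "port" { # keywords are case-insensitive
            if ($2 !~ /^[0-9]+$/ || $2 + 0 < 1 || $2 + 0 > 65535) {
                printf "%s line %d: bad port \"%s\"\n", FILENAME, FNR, $2
                bad = 1
            }
        }
        END { exit bad }
    ' "$1"
}

# preflight FILE: run the lint, then sshd test mode on the same file when an
# sshd binary is on PATH (invoked by absolute path). Non-zero means: do not
# restart the daemon with this configuration.
preflight() {
    check_ports "$1" || return 1
    if sshd_bin=$(command -v sshd 2>/dev/null); then
        "$sshd_bin" -t -f "$1" || return 1
    fi
    return 0
}

# Typical use (the restart command is whatever the host uses):
#   preflight /etc/ssh/sshd_config && echo "safe to restart sshd"
```

A missing Port line passes the lint, since sshd then uses its default port; the lint only rejects values that are present and invalid.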