The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Securing SSH CPanel documentatione for my vps won't work

Discussion in 'Security' started by Skin, Nov 5, 2012.

  1. Skin

    Skin Well-Known Member

    Joined:
    Feb 3, 2006
    Messages:
    68
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Italy
    Hello,
    I'm trying to secure my new vps, actually I'm working in securing ssh and I found in your documentation this guide:
    When I change in /etc/ssh/sshd_config the port value, I'm not able to login using ssh .

    I've ben able to ssh login again after using /scripts2/autofixer , looks like the only port I can setup is port 22, any other number won't work.

    Can someone please help?
     
  2. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Do you have a firewall? If so, is the firewall allowing that port to be opened to use it?

    Always keep a window opened in SSH when changing the port number, then check sshd is able to listen onto the new port:

    Code:
    lsof -i :456
    Here 456 represents the port number for sshd that you've set. Replace with whatever number you did use.

    If you aren't seeing it listening, try flushing or stopping the firewall, depending on whether you are using CSF or APF or just iptables.

    If you are using CSF, you can add the port in the WHM > ConfigServer Security & Firewall > firewall configuration area. Of note, we do not provide CSF. This means if you have questions on how to manage it, those need to go to the CSF forum.
     
  3. Skin

    Skin Well-Known Member

    Joined:
    Feb 3, 2006
    Messages:
    68
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Italy
    Thanks very much, I'm using csf so I edited /etc/csf/csf.conf and I inserted my port in # Allow incoming TCP ports
    TCP_IN =


    After restarting csf I've been able to login using ssh :)

    One question, should I insert my new port also in TPC OUT?

    Thanks very much for your support
    Alessio
     
  4. sahostking

    sahostking Well-Known Member

    Joined:
    May 15, 2012
    Messages:
    299
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Cape Town, South Africa
    cPanel Access Level:
    Root Administrator
    If you can SSH in and do what is required don't add any more ports on TCP OUT and IN is my recommendation. Unless you have some other purpose of it. :)
     
Loading...

Share This Page