Home A - Z Changelog
Page Index

Commit 91e08f

2025-09-03 14:11:38 admin: added original dokuwiki page
/dev/null .. ssh.md
@@ 0,0 1,57 @@
+ # SSH
+
+ ## Port change
+
+ In version from Ubuntu newer than 22.04, the SSHD is controlled by
+ Systemd and no longer with the older process way. To change the port, it
+ needs to be done by changing the config from Systemd
+
+ A ssh.socket socket is activated in Systemd to listen to the port, when
+ triggered, it will start the ssh.service (which does not need to be
+ started beforehand, it save memory if no ssh connection is done)
+
+ It is done that way on the OVH VPS:
+
+ 1. Changing the port in a `listen.conf` file
+ 1. sudo nano /etc/systemd/system/ssh.socket.d directory (do not
+ change in /lib/systemd...)
+
+ ``` yaml
+ [Socket]
+ # Uncomment the following line to turn of listening on port 22.
+ ListenStream=
+ ListenStream=0.0.0.0:xxxxx
+ ```
+
+ The empty `ListenStream` is necessary to prevent default port
+ activation. the 0.0.0.0 is for IP v4, use [::] for IP v6. Ubuntu
+ default instruction for port to be IP v6 is not specified.
+
+ Use `systemctl show ssh.socket` to see the config of the socket
+
+ 1. Restart the services
+ 1. `sudo systemctl daemon-reload`
+ 2. `sudo systemctl restart ssh.socket`
+
+ It seems, it should be possible to only do the change with
+
+ 1. `sudo systemctl edit ssh.socket`
+
+ then do the reload/restart
+
+ Then, when calling ssh, do not forget to add -p <port> (see Bitwarden
+ for port)
+
+ To check ssh access, use Systemd login:
+
+ ``` bash
+ journalctl -u ssh -n 50 -e --no-pager
+ ```
+
+ In Systemd, 'ssh' without other information is defaulted to service.
+ So ssh.socket needs to be explicit to see the socket instead of the
+ service.
+
+ That Systemd logging is used by fail2ban to function.
+
+ [One info page](https://lafibre.info/serveur-linux/changer-le-port-de-ssh-ubuntu-24-04/)
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9