SRX Services Gateway
Highlighted
SRX Services Gateway

How to change ssh default port for extra security in srx1500

‎02-26-2017 08:16 PM

Hi all,

 

i want to change ssh port to 2222 for extra security in srx 1500 , how to change it any configuration  pls...

4 REPLIES 4
SRX Services Gateway

Re: How to change ssh default port for extra security in srx1500

‎02-27-2017 03:09 AM

Unfortunately, changing the inbound ssh port in Junos is not an option.

 

All you can do is use either security policies with the destination zone junos-host to restrict access to your mgmt subnets only or the same thing by applying an re-protect firewall filter for the same purpose.

Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home
SRX Services Gateway

Re: How to change ssh default port for extra security in srx1500

‎02-27-2017 07:31 AM

@Asifkhan wrote:

Hi all,

 

i want to change ssh port to 2222 for extra security 


That will probably last for 15 mins or less and then it will be discovered by port scanners & mapped as open SSH port since SSH has a bad habit of advertising itself.

But leaving the "security by obscurity" topic aside, You can do it in a couple of ways:

1/ edit file /etc/services and put in whatever port You want for SSH, then restart sshd. These changes won't survive reboot.

2/ use destination NAT for locally-terminated tcp/22 packets.

HTH

Thx
Alex

 

_____________________________________________________________________

Please ask Your Juniper account team about Juniper Professional Services offerings.
Juniper PS can design, test & build the network/part of the network as per Your requirements

+++++++++++++++++++++++++++++++++++++++++++++

Accept as Solution = cool !
Accept as Solution+Kudo = You are a Star !
SRX Services Gateway

Re: How to change ssh default port for extra security in srx1500

‎02-28-2017 02:50 AM

how to do it in /etc/services bro..which editor i should use.i tried vim , gedit and nano but no one can do any thing ..

Distinguished Expert
SRX Services Gateway

Re: How to change ssh default port for extra security in srx1500

[ Edited ]
‎06-13-2019 12:49 AM

Please follow Below link to edit the files. 

 

https://www.cs.colostate.edu/helpdocs/vi.html

 

Regards,

Ved (JNCIP-SEC)