Today i face a problem about ssh and sshd services on my AIX box. Absolutely i can’t connect to the machine using standard port of SSH. This is definitely annoying because this  service of ssh is currently used for maintain and manage the machine remotely.

Thanks to telnet, on first deployment i install the telnet services alongside the ssh for backdoor connection if of the ssh services is failed, so i still connect to my machine.

First step i do is checking the services of sshd an ssh using command below :

#lssrc -s sshd

the result show the services is on inoperative state.

then i invoke the command below to restart the service :

#stopsrc -s sshd

#startsrc -s sshd

the i invoke the first command to see the service state, and the result show the services still on inoperative state.

To see what happened on detail process, the following command invoked :

#/usr/sbin/sshd -de

the terminal show there’s problem on binding port, means the port already used.

to resolve the problem, i decide to change port from standard port to more restricted port. in this case let says the port changed to 789456.

So, what do I do to change this from the AIX side?
Using the following command :

#vi /etc/ssh/sshd_config

I’ve edited the port in /etc/sshd_config (removed the #) Port 789456

I also changed the defaults to 789456 in my  /etc/services

ssh 789456/udp # SSH Remote Login Protocol
ssh 789456/tcp # SSH Remote Login Protocol

then i restart the service again using the following command :

#stopsrc -s sshd

#startsrc -s sshd

to check if the configuration is running well, try to connect to the machine using the following command :

#ssh -p 789456 ahmad@localhost

and voila …. now i can connect to my machine again …

I have read about the security benefits of not using  default port of SSH then i change mine. and now my AIX Box feel more secure …

Cheers

BOG Camp, May 5th 2011

A. Ahmad Kusumah