Access Any Remote Server Port Without Modifying Firewall Settings

in Categories , , , , , , , , , , , , , , , last updated July 15, 2008

I’ve couple of remote servers and I’d like to access few admin only application running on port 10000 and 3001. My firewall only allows port 80, 443, 25, 22 and 110 for public access. Do I need to open port 10000 and 3001 for everyone using firewall? How do I access my admin only apps without opening port 10000 and 3001?

How to: Turning off SFTP server under Linux / UNIX cpanel server

in Categories , , , , , , , , , last updated October 10, 2007

Q. I’ve CentOS Linux cpanel server. I’d like to turn off SFTP server but only allow SSH for root user. How do I trun off sftp server?

A. OpenSSH / sshd reads configuration data from /etc/ssh/sshd_config. The file contains keyword-argument pairs, one per line. Lines starting with ‘#’ and empty lines are interpreted as comments. Configures an external subsystem such file transfer daemon (SFTP) done through this file only. Arguments should be a subsystem name and a command to execute upon subsystem request. The command sftp-server implements the “sftp” file transfer subsystem. sftp-server is a program that speaks the server side of SFTP protocol. sftp-server is not intended to be called
directly, but from sshd using the Subsystem option.

Disable / Turn off sftp server

Open /etc/ssh/sshd_config file:
# vi /etc/ssh/sshd_config
Find line that read as follows:
Subsystem sftp /usr/lib/openssh/sftp-server
Remove or comment out line by prefixing #:
# Subsystem sftp /usr/lib/openssh/sftp-server
Save and close the file. Restart sshd service:
# /etc/init.d/sshd restart

Linux: Openssh (ssh server) deny root user access

in Categories , , , , , , , , last updated August 2, 2007

Q. How do I block access to root user over ssh session?

A.. sshd (OpenSSH Daemon) is the daemon program for ssh. Server side ssh configuration is defined in /etc/ssh/sshd_config file.

You need to use DenyUsers option to block access to root user.

This option can be followed by a list of user name patterns, separated by spaces. Login is disallowed for user names that match one of the patterns. Only user names are valid; a numerical user ID is not recognized. By default, login is allowed for all users. If the pattern takes the form USER@HOST then USER and HOST are separately checked, restricting logins to particular users from particular hosts.

Open /etc/ssh/sshd_config file

Use vi command:
# vi /etc/ssh/sshd_config

Deny root user access

Append or modify as follows to block root user:
DenyUsers root

If you want to block additional user just append names to DenyUsers
DenyUsers root, user2, user3

Save and close the file. Restart sshd service:
#/etc/init.d/sshd restart