New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Does anyone know how to allow ssh port in VULTR?
help me, Im trying to set different port for SSH. I tried many ways editing iptables. but still cant connect to the server.
Now, Im still connected to the server via existng session. But cant create new session.
I flushed iptables.. Hope someone can help me before this last session got disconnected.
Even ssh into port 22 wont work
Comments
You can always use the console in the Vultr control panel.
What rules do you have set for iptables at the moment?
@trewq iptables flushed.. no rules has been added.
I dont know why but console wont work after I flushed the iptables
I just use these three commands to change SSH port on any server.
1: vi /etc/ssh/sshd_config
2: Port 1234
3: service sshd restart
Can't be any simpler.
I just realized that disabling iptables would make the ssh working again..
why rule above wont work?
Without looking at your system, try iptables -I instead of -A. Adding it below a relevant deny rule wouldn't help, for example, where -A appends to the bottom of the chain.
maybe use UFW next time? i myself find iptables confusing too and UFW makes things alot easier. Using this command "ufw allow 41000/tcp" would have allowed the port.
This is what my ssh related iptable entries look like based on whatever guides I found online when I made them.. seems to work fine:
-A INPUT -p tcp -m state --state NEW --dport [SSH port] -j ACCEPT
followed by..
-A INPUT -j DROP
-A FORWARD -j DROP
edit: followed Linode guide to securing server at https://www.linode.com/docs/security/securing-your-server/#creating-a-firewall
I prefer to set the default to drop:
iptables -P INPUT DROP
Then allow ssh like this:
iptables -I INPUT -p tcp --dport 22 -j ACCEPT