1 (edited by genzyme 2014-05-16 00:03:57)

Topic: SSH cannot connect after listen port changed to 2288

==== Required information ====
- iRedMail version: 0.8.7
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Linux/BSD distribution name and version: Ubuntu 14.04 LTS
- Related log if you're reporting an issue:
====

For iRedMail, what other considerations for changing SSH listen port from 22 to 2288?
After updating /etc/ssh/sshd_config and sudo restart ssh, PuTTY no longer connects.
To troubleshoot, disabled firewall on server (sudo ufw disable) and on remote PC, no SSH on 2288.
To run a test, reverted server to pre-iRedMail install, and port change to 2288 works without issue.
Same server with iRedMail installed, port change does not work. Also tried port 22888. Any suggestions?

2

Re: SSH cannot connect after listen port changed to 2288

Did you update the firewall rules in /etc/default/iptables? The files /etc/init.d/iptables and /etc/default/iptables are generated by iRedMail; it doesn't use ufw right now.

3

Re: SSH cannot connect after listen port changed to 2288

Thanks for your support, issue is resolved:
   $ sudo vi /etc/ssh/sshd_config        (changed port 22 for ssh to new listening port number for OpenSSH-Server)
   $ sudo vi /etc/default/iptables       (changed port 22 for ssh to new port number for firewall)
   $ sudo /etc/init.d/iptables restart   (restart firewall with updated port number)
   $ sudo restart ssh                    (restart OpenSSH with updated port number)
Connecting via PuTTY is successful. Rebooted server, can still connect via PuTTY, changes were persistent.

Followup question: If you would provide link explaining ufw and iptables, that would be quite nice.  For instance, I do not understand, are two firewall applications running if ufw is enabled?

4

Re: SSH cannot connect after listen port changed to 2288

Also, is this normal to get [fail] for modules when restarting iptables?

:~$ sudo /etc/init.d/iptables restart
* Flushing firewall rules iptables                                                   [ OK ]
* Setting chains to policy ACCEPT filter                                         [ OK ]
Unloading iptables modules                                                            [fail]
* Applying iptables firewall rules                                                   [ OK ]

5

Re: SSH cannot connect after listen port changed to 2288

genzyme wrote:

Followup question: If you would provide link explaining ufw and iptables, that would be quite nice.  For instance, I do not understand, are two firewall applications running if ufw is enabled?

ufw is a "program for managing a netfilter firewall", not a firewall. iptables is the firewall, and it provides the command "iptables" to manage it.

genzyme wrote:

Also, is this normal to get [fail] for modules when restarting iptables?

Yes.
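
The lockout in this thread came from sshd_config and /etc/default/iptables disagreeing about the SSH port. The script below is an added example, not part of the original posts or of iRedMail, that compares the two files before either service is restarted. It assumes the rules file is in iptables-restore format; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: confirm every sshd port is accepted by the firewall rules file.
# Assumption: rules are in iptables-restore format, e.g.
#   -A INPUT -p tcp --dport 22 -j ACCEPT

# Ports sshd will listen on: each Port directive, or 22 if none is set.
sshd_ports() {
    awk 'tolower($1) == "port" { print $2; n++ } END { if (!n) print 22 }' "$1"
}

# TCP ports (or lo:hi ranges) accepted on INPUT via --dport / --dports.
allowed_ports() {
    awk '$1 == "-A" && $2 == "INPUT" && /-p tcp/ && /-j ACCEPT/ {
        for (i = 3; i < NF; i++)
            if ($i == "--dport" || $i == "--dports") {
                n = split($(i + 1), p, ",")
                for (j = 1; j <= n; j++) print p[j]
            }
    }' "$1"
}

# Usage: check_ssh_firewall SSHD_CONFIG RULES_FILE
# Returns 0 if every sshd port is accepted, 1 (and names the gap) otherwise.
check_ssh_firewall() {
    allowed=$(allowed_ports "$2")
    rc=0
    for port in $(sshd_ports "$1"); do
        ok=no
        for a in $allowed; do
            case $a in
                *:*) if [ "$port" -ge "${a%%:*}" ] && [ "$port" -le "${a##*:}" ]
                     then ok=yes; fi ;;
                *)   if [ "$port" = "$a" ]; then ok=yes; fi ;;
            esac
        done
        if [ "$ok" = no ]; then
            echo "sshd port $port is not accepted by $2"
            rc=1
        fi
    done
    return "$rc"
}

# Run against real files when two paths are given on the command line.
if [ "$#" -eq 2 ]; then
    check_ssh_firewall "$1" "$2"
fi
```

The check only looks for a matching ACCEPT rule; it does not evaluate rule order or source-address restrictions, so keep an existing SSH session open until a new connection on the new port succeeds.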