Results 1 to 6 of 6
  1.    #1  
    This is mainly for my own sanity when i have to do this again and need to find the file, but I would also want to share with others on how to change the default ssh port from 222 to whatever you want it to be.

    The key reason for this is to prevent script kiddies from hammering your phone because they know that the default port is 222. If you change the port number to something else then the script kiddies will be less likely to gain access to your phone and their scripts will move to a different phone.

    Code:
    sudo -i
    mount -o remount, rw /
    vi /etc/event.d/optware-dropbear
    in the file make the following changes
    Code:
    exec /opt/sbin/dropbear -g -F -p <change to whatever port you want>
    /usr/sbin/iptables -D INPUT -i eth0 -p tcp --dport <change to whatever port you want> -j ACCEPT || /bin/t
    /usr/sbin/iptables -I INPUT -i eth0 -p tcp --dport <change to whatever port you want> -j ACCEPT
    save the file with a :wq

    then finally
    Code:
    mount -o remount, ro /
    reboot
    Hope this helps!
  2. RickNY's Avatar
    Posts
    254 Posts
    Global Posts
    319 Global Posts
    #2  
    Not much need to worry about anyone hammering away on the port -- 222 is already a changed port from the standard SSH port of 22.
  3. doctorx's Avatar
    Posts
    70 Posts
    Global Posts
    124 Global Posts
    #3  
    a SSHd toggle to turn off the daemon would be an option too.
  4. #4  
    Note that the latest packaging of OpenSSH and Dropbear from WebOS Internals (now available for direct installation using Preware) uses SSH Key authentication only for the root user on the standard port 22. We no longer need or accept password authentication by default.

    -- Rod
    Last edited by rwhitby; 12/30/2009 at 10:14 PM.
    WebOS Internals and Preware Founder and Developer
    You may wish to donate by Paypal to donations @ webos-internals.org if you find our work useful.
    All donations go back into development.
    www.webos-internals.org twitter.com/webosinternals facebook.com/webosinternals
  5.    #5  
    Quote Originally Posted by RickNY View Post
    Not much need to worry about anyone hammering away on the port -- 222 is already a changed port from the standard SSH port of 22.

    Yes they did change the default ssh port to a different port, but by doing that they inadvertently created a new default ssh port for all rooted palm pre phones.

    This is just an optional extra layer of protection, and there was no real documentation that i could find easily with google searches so I wanted to place it somewhere.
  6. #6  
    It's never a bad idea to change the default port--even in the case of the Pre which is already different from the standard SSH port.

    However, considering that unauthorized remote root login is nigh impossible, and the fact that Dropbear does not supply a default username or password, I think we're pretty safe.
    Treo 300 > Hitachi G1000 > PPC-6700 > PPC-6800 (Mogul) > PPC-6850 (Touch Pro) > Palm Pre & HTC EVO Optimus V

Posting Permissions