This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Wolfgang
Authority
Authority
‎2021-08-10 11:16 PM

change ssh port on R80.40 and higher

 CheckMates,

changing the ssh port via /etc/ssh/sshd_config is broken since R80.40. You can change the port, restart sshd service everything will be fine. But after a reboot the changed entry is removed from sshd_config.

Is there a new clish command available for changing the ssh port or do we have to made the sshd_config readonly after the change ?

Wolfgang

0 Kudos
6 Replies
Zolo
Contributor
Contributor
‎2021-08-10 11:57 PM

Starting from R80.40 Jumbo Hotfix Take 83, instead of editing/backing up /etc/ssh/sshd_config, you should edit/backup /etc/ssh/templates/sshd_config.templ and run /bin/sshd_template_xlate < /config/active

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

dede79
Contributor
‎2024-05-29 04:27 AM
In response to Zolo

SK was deleted and did not survive jumbo install i.e. on R81.10.

Is there actually a workig process to change ssh port permanently?

0 Kudos
Arskazv
Participant
‎2024-10-02 04:29 AM
In response to dede79

I also miss a permanent solution for this... In some cases, one may lose connection...

0 Kudos
PhoneBoy
Admin
Admin
‎2024-10-02 08:39 AM
In response to Arskazv

Checking the R82 EA, it appears the situation is the same (you need to edit the template file and it may not survive a JHF/upgrade).

0 Kudos
Duane_Toler
Advisor
‎2024-10-02 09:16 AM

Do what @PhoneBoy says.  You need to write your changes to the template and they will be preserved/re-generated at each startup.  I've made a few custom changes myself this way and it works.

--
Ansible for Check Point APIs series: https://www.youtube.com/@EdgeCaseScenario and Substack
0 Kudos
Arskazv
Participant
‎2024-10-03 12:21 AM
In response to Duane_Toler

Yes, I have been using that,  but that template is overwritten by jumbo hotfixes. So it's not permanent in that way 😉

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events
    Top