[TriLUG] se linux with sshd on port 443
Jym Williams Zavada
trilugj at jrwz.net
Fri Jun 25 06:18:52 EDT 2010
Keep in mind that I've never played with selinux, nor do I have a system
handy to test this out. However, I did some googling (search terms: se
linux tutorial), and found the following Apache & selinux tutorial:
http://beginlinux.com/index.php/server_training/web-server/117-web-server/976-apache-and-selinux
(http://tinyurl.com/2f8cxjk)
Based on info I read there and in the semanage(8) man page (google search
terms: man semanage), you can use the following to list selinux port
configurations:
semanage port -l
And then something similar the following would remove port 443 from being
used by https, and thereafter add it to to those allowed for use by sshd:
semanage port -d -t http_port_t -p tcp 443
semanage port -a -t sshd_port_t -p tcp 443
Hope this helps!
-Jym Williams Zavada
On Fri, 25 Jun 2010, Joseph Tate wrote:
> You can't*. Not with selinux enabled anyway. You can run on any
> non-configured port, but 443 is reserved for a specific service as are
> many of the other useful ports. Find a free port (28 is iirc) and
> "register" it as ssh, and then you can listen on that port via config
> in the sshd_config file.
>
> Joseph
>
> * At least I couldn't figure out how to do it. Noone seems to write
> about how to unregister reserved ports, just how to register free
> ports.
>
> On Thu, Jun 24, 2010 at 9:25 PM, Ralph Blach <chipperb at nc.rr.com> wrote:
>> Ok all you experts out there, I want to run se linux but I want sshd on port
>> 443. How do I reconfigure sshd to accomplish this.
>>
>> Thanks
>>
>> Chip
>
More information about the TriLUG
mailing list