Last active
October 29, 2015 16:47
Configure OS X 10.11 to listen on an alternate ssh port.
1. Pick a port and hack up your /etc/services file
   Change the existing port entry from
     mbus 47000/udp # Message Bus
     mbus 47000/tcp # Message Bus
   to
     ssh-47000 47000/udp # Alternate port SSH Remote Login Protocol
     ssh-47000 47000/tcp # Alternate port SSH Remote Login Protocol
2. Copy the ssh.plist
     sudo cp /System/Library/LaunchDaemons/ssh.plist /Library/LaunchDaemons/ssh-47000.plist
3. Edit the plist
   a. Make sure it's enabled at the top of the file.
     <key>Enabled</key>
     <true/>
   b. Update the label so it doesn't conflict with the existing ssh.plist
     <key>Label</key>
     <string>com.openssh.sshd-47000</string>
   c. Update the SockServiceName
     <key>SockServiceName</key>
     <string>ssh-47000</string>
4. Restart or use launchctl to load the plist
5. Check to see if your system is listening
     netstat -an | grep 47000
     tcp4 0 0 *.47000 *.* LISTEN
     tcp6 0 0 *.47000 *.* LISTEN
   Success without messing around with SIP!!
6. Use your firewall to protect port 22 and open your new port 47000
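A consistency check for steps 1 and 3, added here as an example (not part of the original gist): it confirms that the copied job's Label differs from the stock one and that its SockServiceName resolves to exactly one tcp entry in the services file. The function names, the sample inputs and the Sockets/Listeners nesting of the plist are assumptions.

```python
import plistlib

# Constructed sample: the edited /etc/services lines from step 1.
SERVICES = """\
ssh              22/tcp     # SSH Remote Login Protocol
ssh-47000     47000/udp     # Alternate port SSH Remote Login Protocol
ssh-47000     47000/tcp     # Alternate port SSH Remote Login Protocol
"""

# Constructed stand-in for the edited plist; Sockets/Listeners nesting is assumed.
PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>Label</key><string>com.openssh.sshd-47000</string>
  <key>Sockets</key><dict><key>Listeners</key><dict>
    <key>SockServiceName</key><string>ssh-47000</string>
  </dict></dict></dict></plist>"""

def tcp_services(text):
    """Return [(name, port)] for every tcp entry in /etc/services-style text."""
    found = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop trailing comment
        if len(fields) >= 2 and fields[1].endswith("/tcp"):
            port = fields[1].split("/")[0]
            if port.isdigit():
                # fields[2:] are aliases that resolve to the same port
                found.extend((n, int(port)) for n in [fields[0]] + fields[2:])
    return found

def check_alt_sshd(plist_bytes, services_text, stock_label="com.openssh.sshd"):
    """Return (port or None, list of problems) for the copied LaunchDaemon."""
    job = plistlib.loads(plist_bytes)
    entries = tcp_services(services_text)
    problems = []
    if job.get("Label") == stock_label:
        problems.append("Label collides with the stock ssh.plist")
    name = job.get("Sockets", {}).get("Listeners", {}).get("SockServiceName")
    ports = [p for n, p in entries if n == name]
    if name == "ssh":
        problems.append("SockServiceName is still ssh (port 22)")
    if not ports:
        problems.append(f"{name!r} has no tcp entry in the services file")
        return None, problems
    # A leftover entry (such as the old mbus line) means the port is double-booked.
    others = sorted({n for n, p in entries if p == ports[0] and n != name})
    if others:
        problems.append(f"port {ports[0]} is also assigned to {others}")
    return ports[0], problems
```

On a real system, pass the bytes of /Library/LaunchDaemons/ssh-47000.plist and the text of /etc/services in place of the samples.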