Change Default SSHD Port Number In Mac OS X

Change Default SSHD Port Number In Mac OS X
I wanted to configure a sshd on my home Mac recently to be able to access it remotely and decided to follow best practice and change port from default value 22/tcp, which is quite an easy task to do on any *nix system.

It turned out that Apple changed service startup process in Mac OS X 10.4 (Tiger) to what is called launchd. So you may guess that changing port number in /etc/sshd_config didn't help and there was no /etc/inetd.conf or xinetd equivalent. At this point it became more interesting.

Finally I've come to the following procedure:
  • Add a new service to the /etc/services file. I've called it ssh-NNNN, where NNNN is desired port number (this name is not a requirement and is only for clarity). So I've got a new line like:
    ssh-NNNN NNNN/tcp
    in /etc/services.
  • Find a file named ssh.plist in /System/Library/LaunchDaemons. In this file find the following text:
    and change ssh to a new service name ssh-NNNN.
  • That's it. Now just start or restart SSH service from the System Preferences. Also, don't forget to open required port on the firewall (I leave this up to you)!
Alt text

Не ждите, пока хакеры вас взломают - подпишитесь на наш канал и станьте неприступной крепостью!


Сергей Солдатов

REPLY-TO-ALL is a double language blog (English/Russian) run by three information security practitioners. Want to discuss information security problems? This is the place.