Change Default SSH Port

Are you looking for ways to secure your Linux server? Try changing the default SSH port, normally at port 22, to something else like port 450, for example. Changing the SSH port does not necessarily make your server that more secure, but it makes it harder for people to guess which port is open for SSH use.

To change the default SSH port. Edit the /etc/ssh/sshd_config file from the Terminal.

sudo nano /etc/ssh/sshd_config

Change from Port 22 to Port 450 for example.

Port 450

Save file and exit.

Restart SSH

sudo /etc/init.d/ssh restart

To SSH to your server, all you have to do is:

ssh username@server.com -p 450

Use Nmap To Scan Your Network

The Nmap utility will scan devices connected to your network. Nmap is a free open-source utility used by network admins and anyone to explore, scan, secure and audit the network. For example, if your internal network is 10.10.10.0/24 network, you can use the following Nmap options to scan your network.

nmap -sP 10.10.10.0/24

The command above produces the following output:

As you can see, the nmap utility has found 8 devices connected to my network. It usually takes 30 seconds or so to scan the entire network. With the available data, I can now ping, ssh, or view the device via web browser if that service is available. Nmap makes troubleshooting the network that much more easier.

Just like most Linux utilities, nmap has a ton of options worth checking. Simply type -- help to read more options.

nmap --help

If you are a Windows user, the nmap utility is available for download.

For Ubuntu users, simply type the following to install

sudo apt-get install nmap

Install SSH Server on Ubuntu Desktop

So you just installed the latest version of Ubuntu on your desktop. You want to access your spanking new Ubuntu machine from another computer. There are two ways in accomplishing this: (1) the fast and easy way via SSH, or (2) the slightly more difficult way via graphics called Remote Desktop.

Let’s say we go with the easy route in this article. We want to access it via SSH. I’ll follow up with another article how to access your Ubuntu desktop using Remote Desktop. So, we want to access your Ubuntu desktop via SSH. What we need is a SSH server. We can easily install OpenSSH Server by just installing the SSH server from the Terminal.

Install SSH Server

sudo apt-get install ssh-server

Done. Simple.

SSH Client

Your remote computer must have a SSH client to access your Ubuntu desktop. I recommend that you use Putty if you are a Windows users. Putty is a SSH client program to access your Ubuntu desktop. If you are a Mac or a Linux user, you can simply use the Terminal. Access your Ubuntu server by invoking the SSH client.

ssh 10.10.10.10

That’s the IP address of my Ubuntu desktop. You can specify a hostname if you have an internal DNS that’s working. You can also specify the username and the port number if you using a different port from the standard port 22.

ssh 10.10.10.10 -l username -p 2222

Hostgator SSH Access

Ok, so this is the fourth time I’ve forgotten how to access my Hostgator account via SSH. I might as well document it here, for old times sake. It’s so simple really, but I don’t know why I keep on forgetting it. To access the account, just use port 2222 instead of 22. That’s it. I don’t know why I can’t remember that. I blame it on old age.

# ssh server -p 2222

Actually, I’ve been really happy with Hostgator. No major or drawn out outages. Just a couple of hiccups here and there. They are minor things, really. I counted twice, the times the site was slow, but otherwise, Hostgator was able to fix it in a couple of hours. They only thing I miss from my old webhost is the ability to install a Subversion repository on the server. Hostgator, are you listening?

But, I got that’s running now on my desktop. It’s probably better that way. It’s more secure. It’s not like my code is highly classified or super sensitive. It’s not! But, placing it on your desktop is probably better. Until your hard drive crashes. So, keep backup copies regularly.

Install Subversion Repository on Ubuntu Desktop

This is a tutorial how to install a Subversion on your desktop. Subversion is an open-source revision control system. A repository is usually installed on servers so developers and programmers can have easy access to code. Subversion uses a check-in an check-out process for submitting changes to the repository. The repository can also be installed on desktop systems. Access is gained through many means by way of direct file access, ftp, http, svn and svn+ssh. See chart below.

Installing Subversion will install both Subversion administration tools and the client. In Ubuntu or Debian-based systems, you can install Subversion by performing the following commands. By the way, I added an Apache and Subversion WebDav module so both can be installed with just a single command.

Install Subversion

sudo apt-get install subversion libapache2-svn

Reboot the Apache Web Server

sudo /etc/init.d/apache2 restart

Create a Subversion Repository

svnadmin create /home/yourname/repository/

I’m placing the repository in my home directory. You can place it anywhere in your system. You may need to use sudo if you install it outside of your home directory. Remember the repository location, we will use it a few times below to configure the Apache Subversion WebDav module, etc.

Import your Repository

svn import /path/to/import/directory file:///home/yourname/repository

If you have a repository ready, now is a good time to import it. If you are just starting out, you can initialize the Repository here.

Access to Subversion

file:// Direct access on local disk
http:// Browser using http WebDav protocol
https:// Browser using https secure and WebDav
svn:// Subversion protocol
svn+ssh:// Subversion protocol and SSH tunnel

Configure WebDav protocol

sudo vi /etc/apache2/apache2.conf

Add

<Location /svn>
DAV svn
SVNPath /home/yourname/repository
AuthType Basic
AuthName "Repository"
AuthUserFile /etc/subversion/passwd
<LimitExcept GET PROPFIND OPTIONS REPORT>
Require valid-user
</LimitExcept>
</Location>

Change Ownership to HTTP-User

sudo chown -R www-data:www-data /home/yourname/repository

Password Protect the Repository

sudo htpasswd -c /etc/subversion/passwd username

You will be asked to provide a password. Enter the password twice.

Reboot Apache Server

sudo /etc/init.d/apache2 restart

It’s probably a good idea to restart the Apache server one more time.

Browser Access
Next, open up your browser and access http://localhost/svn from the address bar. You will be asked for the username and password. You should see the repository and any content or directory underneath it. That’s it. Happy coding.