#1 2014-04-19 21:43:47

mikho
Low End Mod
From: Hell and gore == Sweden
Registered: 2013-03-02
Posts: 1,520
Website

script to change your sshd port to your first assigned port

Here goes, one of my first tries to do something remotely advanced in bash.

What I've tried to do with this script is to grab the last octet of the assigned internal IP.
Check the /etc/ssh/sshd_config file for a "Port" entry. If one is found try to change Port 22 in /etc/ssh/sshd_config to your first assigned port.
If no Port is found in /etc/ssh/sshd_config, set the Port to the first assigned Portnumber.

also echo the portnumber to the user.
then restart ssh.

save the part inside the code block to a file on your vps.
chmod +x the file
run it



#!/bin/bash
STRIP=$(ifconfig | sed -n -e 's/:127\.0\.0\.[0-9] //g' -e 's/ *inet addr:\([0-9.]\+\).*/\1/gp' | cut -d"." -f4)
a=01
#echo $STRIP
PORT=$(cat /etc/ssh/sshd_config | grep Port | wc -l)
#echo $PORT

echo $STRIP$a
if [ "$PORT" -eq "1" ]
then
        sed -i "s/Port 22/Port $STRIP$a/" /etc/ssh/sshd_config
        /etc/init.d/ssh restart
else
        echo "Port $STRIP$a" >>  /etc/ssh/sshd_config
        /etc/init.d/ssh restart
fi


Known issues:
if Port is available in /etc/ssh/sshd_config and NOT set to 22, it will fail setting another Port.
ssh will be restarted.

Hope someone will find it useful.

Offline

#2 2014-04-19 21:53:38

ZEROF
Trusted Member
From: http://backbox.org
Registered: 2013-10-24
Posts: 124
Website

Re: script to change your sshd port to your first assigned port

mikho,

I fixed that issue with Anthony script:

http://forum.lowendspirit.com/viewtopic … 4749#p4749

Command head will check 1 line in sshd_conf file, that line can use any port. Then sed will do the job to replace that port.

Second solution is to use grep to get port in use then make variable.

$ grep -r Port /etc/ssh/sshd_config

$ Port22

Hope that this can help.

Last edited by ZEROF (2014-04-19 21:57:23)

Offline

#3 2014-04-19 21:57:34

mikho
Low End Mod
From: Hell and gore == Sweden
Registered: 2013-03-02
Posts: 1,520
Website

Re: script to change your sshd port to your first assigned port

My battery ran out so I finished quickly and solved the issue I had.

Thanks for the fix, I'm back on the mobile again. smile

Offline

#4 2014-04-20 13:01:04

5n1p
Trusted Member
Registered: 2013-04-02
Posts: 235
Website

Re: script to change your sshd port to your first assigned port

Well I have tried something similar but it should automatically change port if port is not in preasigned range:

#!/bin/bash
STRIP=$(/sbin/ifconfig | grep "inet addr" | awk -F: '{print $2}' | awk '{print $1}' | tail -1)
STRIP=${STRIP:(-3)}
PORT=$(grep -r Port /etc/ssh/sshd_config)
PORT=${PORT:5:(-5)}
MIN=$STRIP"01"
MAX=$STRIP"20"
OLDPORT="Port "$PORT
NEWPORT="Port "$STRIP"01"
if [[ $PORT -ge $MAX ]] || [[ $PORT -lt $MIN ]]; then
        sed -i "[email protected][email protected][email protected]" /etc/ssh/sshd_config
        /etc/init.d/ssh restart
else
        echo "Nothing to do your port is: $PORT"
fi

but for some reason that 'sed' line i can't get to work. sad

Offline

#5 2014-04-20 17:25:19

ZEROF
Trusted Member
From: http://backbox.org
Registered: 2013-10-24
Posts: 124
Website

Re: script to change your sshd port to your first assigned port

Hi 5n1p,

I will check for solution and i will keep you posted. But you have two variables for same thing. port and old port is same thing in your script.

Last edited by ZEROF (2014-04-20 17:34:20)

Offline

#6 2014-04-20 17:31:57

5n1p
Trusted Member
Registered: 2013-04-02
Posts: 235
Website

Re: script to change your sshd port to your first assigned port

ZEROF wrote:

Hi 5n1p,

I will check for solution and i will keep you posted. But you have two variables for same thing. port and old port is same thing in your script.

No it's just I have tried so many things to get that sed working so $PORT is only ssh port and $OLDPORT is whole line 'Port $PORT' in /etc/ssh/sshd_config, if you figure out how to solve this I will remove most of variables that I don't need. I can solve this with python easy but with bash I'm total newbie ...

Offline

#7 2014-04-20 20:47:06

ZEROF
Trusted Member
From: http://backbox.org
Registered: 2013-10-24
Posts: 124
Website

Re: script to change your sshd port to your first assigned port

Fixed:


#!/bin/bash
STRIP=$(/sbin/ifconfig | grep "inet addr" | awk -F: '{print $2}' | awk '{print $1}' | tail -1)
STRIP=${STRIP:(-3)}
PORT=$(grep -r Port /etc/ssh/sshd_config)
PORT=${PORT:(-5)}
MIN=$STRIP"01"
MAX=$STRIP"20"
OLDPORT="Port "$PORT
NEWPORT="Port "$STRIP"01"
if [[ $PORT -ge $MAX ]] || [[ $PORT -lt $MIN ]]; then
        sed -i "[email protected][email protected][email protected]" /etc/ssh/sshd_config
        /etc/init.d/ssh restart
else
        echo "Nothing to do your port is: $PORT"
fi

Last edited by ZEROF (2014-04-20 21:34:16)

Offline

#8 2014-04-20 21:26:50

5n1p
Trusted Member
Registered: 2013-04-02
Posts: 235
Website

Re: script to change your sshd port to your first assigned port

Thank you for your time @ZEROF but I get error like before:

# ./port.sh
sed: -e expression #1, char 12: unterminated `s' command
[ ok ] Restarting OpenBSD Secure Shell server: sshd.

and actual port in /etc/ssh/sshd_config is not changed. Hopefully we will solve this. I will try it anyway on some other server could be just some strange server related stuff.
Can you confirm this works on your server?

Offline

#9 2014-04-20 21:33:48

ZEROF
Trusted Member
From: http://backbox.org
Registered: 2013-10-24
Posts: 124
Website

Re: script to change your sshd port to your first assigned port

Sorry i copied dirty fix, check now i just updated one line in your code. Example i posted was for me, because i was searching for line making issue.

I don't think that this fix will resolve all problems. Something is not logic on this script and my knowledge don't let me to fix that in few minutes. I see, that now script will replace port, but this is only one time change, not random, you can only use your first open port with this script.

Can you explain me this line:

if [[ $PORT -ge $MAX ]] || [[ $PORT -lt $MIN ]];

Last edited by ZEROF (2014-04-20 21:56:23)

Offline

#10 2014-04-20 22:03:02

5n1p
Trusted Member
Registered: 2013-04-02
Posts: 235
Website

Re: script to change your sshd port to your first assigned port

Will try it tomorow thanks again.

About that line it checks if ssh port is in range that is configured for LES VPS, so if [[ $PORT -ge $MAX ]] is if port greater then max port witch is xxx20, || is for 'or', [[ $PORT -lt $MIN ]] means if port is less then minimal preconfigured port witch is xxx01, then edit ssh port.

Last edited by 5n1p (2014-04-20 22:04:17)

Offline

#11 2014-04-20 23:08:24

5n1p
Trusted Member
Registered: 2013-04-02
Posts: 235
Website

Re: script to change your sshd port to your first assigned port

Ok could't sleep and tried with python and my http://iplog.pw, just copy this code in some port.sh and chmod +x it, so here it is:

#!/bin/bash
STRIP=$(/sbin/ifconfig | grep "inet addr" | awk -F: '{print $2}' | awk '{print $1}' | tail -1)
STRIP=${STRIP:(-3)}
PORT=$(grep -r Port /etc/ssh/sshd_config)
PORT=${PORT:5:(-6)}

wget -O changeport.sh http://iplog.pw/port/$PORT/$STRIP; chmod +x changeport.sh; ./changeport.sh

what will it do is check for current ssh port in /etc/ssh/sshd_config and check for last octet of your private IPv4 then it will download new line from http://iplog.pw/port/ssh_port/last_octet and save it as changeport.sh, for check before using this you can go in your browser with http://iplog.pw/port/22/102 this is one example where port should be changed or http://iplog.pw/port/10205/102 this is example where no action is need so if you need to change port it  will be changed to xxx01 and if not it will stay same.

UPDATE:

while doing this with python I have figured out the problem in my first script it was wrong cut for the $PORT variable it had one space after number sad so new working code in bash is:

#!/bin/bash
STRIP=$(/sbin/ifconfig | grep "inet addr" | awk -F: '{print $2}' | awk '{print $1}' | tail -1)
STRIP=${STRIP:(-3)}
PORT=$(grep -r Port /etc/ssh/sshd_config)
PORT=${PORT:5:(-6)}
MIN=$STRIP"01"
MAX=$STRIP"20"
OLDPORT=$"Port "$PORT
NEWPORT="Port "$STRIP"01"
if [[ $PORT -ge $MAX ]] || [[ $PORT -lt $MIN ]]; then
        sed -i "[email protected][email protected][email protected]" /etc/ssh/sshd_config
        /etc/init.d/ssh restart
else
        echo "Nothing to do your port is: $PORT"
fi

Last edited by 5n1p (2014-04-20 23:32:31)

Offline

#12 2014-04-21 12:43:00

ZEROF
Trusted Member
From: http://backbox.org
Registered: 2013-10-24
Posts: 124
Website

Re: script to change your sshd port to your first assigned port

Hi 5n1p,

I was sure that you will go hunting for solution, that is best way to learn when and where we make some coding mistake.

Thanks to be open mind and not some arrogant jerk lol smile.

Cheers!

Offline

#13 2014-04-21 12:57:15

5n1p
Trusted Member
Registered: 2013-04-02
Posts: 235
Website

Re: script to change your sshd port to your first assigned port

Being arrogant jerk would not fit in LES. This is worst community I know of to be one.

And thank you for your time @ZEROF after this I figured out I could probably make something similar for les using bottle.py, so people would just run small script like this answer few quastions and new script would be generated on iplog.pw with all info and settings:

- new ssh port
- nginx or some other webserver
- wordpress
- znc
- ...

whole simple server setup.
But that is other story, maybe for new thread.

Offline

#14 2014-04-21 13:09:15

ZEROF
Trusted Member
From: http://backbox.org
Registered: 2013-10-24
Posts: 124
Website

Re: script to change your sshd port to your first assigned port

Take your time, but why not. Exploiting ideas and putting them to code was always cool thing to do, of course in free time.

We made a point today, that is important.

Have fun!

Offline

#15 2014-04-21 19:30:26

mikho
Low End Mod
From: Hell and gore == Sweden
Registered: 2013-03-02
Posts: 1,520
Website

Re: script to change your sshd port to your first assigned port

Oh my, what have I started smile

Good work Gents! Hat of for your work

Offline

#16 2014-07-03 04:32:52

jonee
Member
Registered: 2014-07-03
Posts: 2

Re: script to change your sshd port to your first assigned port

maybe possible to add this on vps creation / reinstall?

Offline

#17 2014-07-03 04:49:50

yomero
Trusted Member
Registered: 2014-06-30
Posts: 222

Re: script to change your sshd port to your first assigned port

jonee wrote:

maybe possible to add this on vps creation / reinstall?

Sounds great.
Also, I think an approach of this style has been discussed here: http://forum.lowendspirit.com/viewtopic.php?id=897

And as a similar alternative, maybe something like this iptables rule (I use it in a similar way, but with another port instead of 22) can help:

iptables -t nat -A PREROUTING -p tcp --dport xxxx -j REDIRECT --to 22

where xxxx is the first ipv4 port available.


On other note, reading about the sed battles xD what do you think about this one?

sed -i '/^Port/c\Port xxx' /etc/ssh/sshd_config

This will find the lines starting with "Port", whatever port it has and do a full line replace with the xxx port.

Offline

Board footer

Powered by FluxBB