« 3D Pictures Are Fun | Main | The Firewall Won't Hold Me Back! »

Changing the Mac OS X ssh Port

As I wrote in a comment for the macgeekery.com article "Basic Mac OS X Security":

One simpler way to change the ssh port is to edit /System/Library/LaunchDaemons/ssh.plist. That file contains these lines:

<key>SockServiceName</key>
<string>ssh</string>

Which is what refers to the "ssh" line in /etc/services. You can change that to any other name from /etc/services, or you can change it to a number, like 2200. As far as I can tell, this also takes care of opening the correct port(s) on the firewall.

I learned this while I was reading the manpage for launchd.plist. I was actually trying to find out where launchd.plist is located on the system, so I was looking the directories mentioned in that document.

I also learned from a comment on macosxhints.com that it's not difficult to open more than one port for the same service:

http://www.macosxhints.com/comment.php?mode=view&cid=96607

Which is how I tested my new ssh port without disabling the existing one.

Posted by on April 4, 2008 01:31 PM |

TrackBack

TrackBack URL for this entry:

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)