[j-nsp] Changing SSH port on EX switches, M routers

[Jesus Alvarez]

> Not exactly, because the sshd is started by inetd - you can as
> root change that file - but you have to ensure it doesn't get
> changed by mgd. So a cron script checking for what is in there
> once an hour does the trick..

Thanks for your answer. That sounds like a clever workaround.

Are the sshd_config options the same as in OpenSSH? On Junos 10.2R3.10 
there is no /etc/ssh/sshd_config. Can I just create a file with a single 
line to change the port (leaving all other options as defaults)? e.g. 
something like

Port xxxxx

Could you share the portion of your cron script that replaces 
sshd_config and restarts sshd when required? I guess port 22 would still 
be available between the time mgd changes the ssh_config and the time 
the cron script restarts sshd. How frequently do you see mgd changing 
the sshd_config?

The SSH port should be configurable in the Junos config but this may be 
a reasonable way to get it implemented.