[j-nsp] Changing SSH port on EX switches, M routers

Chris Kawchuk juniperdude at gmail.com
Sun Apr 3 16:47:51 EDT 2011


And last, but not least:

ssh {
    root-login deny;
    protocol-version v2;
    rate-limit 3;
}

Rate limit it in the [system services] stanza. 3 unsuccessful tries and the IP is ignored.

- Chris.

P.S. the 'ssh' services port is defined in /etc/services. Unsure if you adjust the line, that it may move the listening port. Might be worth a try; but naturally this would be a Juniper-unsupported configuration and will probably be overwritten on a software upgrade. It may also affect your firewall filters in the [from] stanza. YMMV.

chrisk at fw02.miller> start shell 
% grep ssh /etc/services
ssh		 22/tcp	   #Secure Shell Login
ssh		 22/udp	   #Secure Shell Login


On 2011-04-02, at 11:23 AM, Jesus Alvarez wrote:

> Hi,
> 
> Is there a way to change the SSH port for managing the EX switches and M routers? We normally avoid using the standard port 22.
> 
> Thanks!
> 
> 
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp




More information about the juniper-nsp mailing list