From: Christian Heller
Date: Sun, 2 Dec 2018 00:17:59 +0000 (+0100)
Subject: Remove port 443 workaround for blocked SSH port; too rare an issue.
X-Git-Url: https://plomlompom.com/repos/%7B%7Bdb.prefix%7D%7D/balance?a=commitdiff_plain;h=f516b485b15409f3550c25e5c92723d8a24c2e8a;p=config
Remove port 443 workaround for blocked SSH port; too rare an issue.
---
diff --git a/all_new_2018/linkable_etc_files/mail/etc/iptables/rules.v4 b/all_new_2018/linkable_etc_files/mail/etc/iptables/rules.v4
index 7fb4279..2950321 100644
--- a/all_new_2018/linkable_etc_files/mail/etc/iptables/rules.v4
+++ b/all_new_2018/linkable_etc_files/mail/etc/iptables/rules.v4
@@ -10,8 +10,6 @@
 -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
 # SSH
 -A INPUT -p tcp --dport 22 -j ACCEPT
-# HTTPS in theory, in practice my second SSH port, see sshd_config
--A INPUT -p tcp --dport 443 -j ACCEPT
 # SMTP (allowing for STARTTLS); necessary for mail server to mail server banter
 -A INPUT -p tcp --dport 25 -j ACCEPT
 # SMTPS, for mail server to mail user agent communication
diff --git a/all_new_2018/linkable_etc_files/server/etc/iptables/rules.v4 b/all_new_2018/linkable_etc_files/server/etc/iptables/rules.v4
index 6899ef6..8e0b1f6 100644
--- a/all_new_2018/linkable_etc_files/server/etc/iptables/rules.v4
+++ b/all_new_2018/linkable_etc_files/server/etc/iptables/rules.v4
@@ -10,7 +10,5 @@
 -A INPUT -p icmp -j ACCEPT
 # SSH
 -A INPUT -p tcp --dport 22 -j ACCEPT
-# HTTPS in theory, in practice my second SSH port, see sshd_config
--A INPUT -p tcp --dport 443 -j ACCEPT
 COMMIT
 # this last line is here because iptables-restore ignores the final command if no newline follows it
\ No newline at end of file
diff --git a/all_new_2018/linkable_etc_files/server/etc/ssh/sshd_config b/all_new_2018/linkable_etc_files/server/etc/ssh/sshd_config
index c3d8c6a..89d08ac 100644
--- a/all_new_2018/linkable_etc_files/server/etc/ssh/sshd_config
+++ b/all_new_2018/linkable_etc_files/server/etc/ssh/sshd_config
@@ -11,7 +11,6 @@ # default value. Port 22 -Port 443 # plomlompom: used for networks where 22 is banned #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress ::