zos icon indicating copy to clipboard operation
zos copied to clipboard

Published 20 hours ago verified publisher icon threefoldtech

ssh move default port to 34022

Open delandtj opened this issue 4 years ago • 4 comments

nodes with IPv6 will be accessible over ssh. although it's all key besed, we should better move the port to something else than 22 to avoid being probed

delandtj avatar Feb 27 '20 09:02 delandtj

SSH won't be included at all on the release images, so no need to fix AFAIK :)

maxux avatar Feb 27 '20 09:02 maxux

@maxux @delandtj The right way to propagate this on the node is to move the ssh server into the zos repo. and change the port there somehow. During the next release the service will be added into the upgrade flist and apply during upgrade.

I'll move this issue to zos

zaibon avatar Mar 24 '20 15:03 zaibon

Anyway, IMO we still should not ship ssh at all on production. Maybe with a really specific way including flist (obviously) for debugging in production when nothing else can be used. But we claim to have an OS without shell, ssh should not be included in prod.

This issue should at least be renamed, changing the port is useless.

maxux avatar Mar 24 '20 15:03 maxux

At some point we will disable but for now during migration we need to keep it. Having the zinit service define here also prepare for this cause the day we want to shut it down we just have to change the content of the service to a no-op, and hop ssh is gone :-)

zaibon avatar Mar 24 '20 15:03 zaibon

there's an issue to disable debugging all together #1597

xmonader avatar Nov 14 '22 08:11 xmonader