Re: [security-onion] sensor to server on another ssh port than 22


Doug Burks

May 22, 2013, 8:37:42 AM
to securit...@googlegroups.com
Hi Wayne,

Supporting non-standard SSH ports is planned for the future:
https://code.google.com/p/security-onion/issues/detail?id=194

In the meantime, you could probably hardcode your non-standard port in
/etc/init/securityonion.conf.

Hope that helps!

Thanks,
Doug

On Tue, May 21, 2013 at 8:55 AM, Wayne Veilleux
<wayne.v...@gmail.com> wrote:
> Hi,
>
> Could we use autossh on another port than 22 while running sosetup to connect a new sensor to the server? If yes, could someone please give the link/URL where the HOWTO is?
>
> Regards,
> Wayne

--
Doug Burks
http://securityonion.blogspot.com

Doug Burks

May 22, 2013, 12:52:53 PM
to securit...@googlegroups.com
If you're comfortable with shell scripting, then it should be just a
few obvious changes to the file.

If you're NOT comfortable with shell scripting, then you probably
don't want to make any changes as this file will get overwritten
during upgrades.

Doug

On Wed, May 22, 2013 at 12:23 PM, Wayne Veilleux
<wayne.v...@gmail.com> wrote:
> Thanks Doug. When you say hardcode it in /etc/init/securityonion.conf, would you please point me to an example of changing the default 22 port of autossh?
>
> Thanks,
>
> Wayne

Doug Burks

May 23, 2013, 10:16:14 PM
to securit...@googlegroups.com
On Wed, May 22, 2013 at 1:00 PM, Wayne Veilleux
<wayne.v...@gmail.com> wrote:
> Doug,
>
> I have no problem with shell scripting and I understand that I will have to maintain the securityonion.conf file when updating until you include issue 194. All I need is an example of a securityonion.conf file that uses another ssh port than 22 to provide the tunnel between the sensor and the server.

I have no example file to give you because I've never done it before :)

> I tried to insert "-p 34567" after the ssh command into the script without success.

*the* ssh command? There should be multiple ssh commands in
/etc/init/securityonion.conf. There are also ssh and scp commands in
/usr/bin/sosetup and /usr/bin/rule-update that would need to be
updated.

> I also tried to add my server ssh port to use into the /etc/ssh/ssh_config system file without any success.

This is probably the better strategy to pursue due to the multitude of
ssh/scp instances mentioned above.
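
As an added example (not part of the thread and not Security Onion code): a simplified Python model of how OpenSSH resolves `Port` from `ssh_config`, showing two ways a per-host port is silently ignored. The first value obtained wins, so a block placed after `Host *` loses, and `Host` patterns are matched against the name typed on the command line. The host name, the IP address and the function names are constructed for illustration; 34567 is the port quoted above.

```python
import fnmatch

# Constructed sample configs. so-server.example and 192.0.2.10 are placeholder
# names for the server; 34567 is the port quoted in the thread.
SHADOWED = """\
Host *
    Port 22
Host so-server.example
    Port 34567
"""
ORDERED = """\
Host so-server.example 192.0.2.10
    Port 34567
Host *
    Port 22
"""

def host_matches(patterns, host):
    """True if any positive pattern matches and no '!pattern' matches."""
    matched = False
    for pat in patterns:
        if pat.startswith("!"):
            if fnmatch.fnmatchcase(host, pat[1:]):
                return False
        elif fnmatch.fnmatchcase(host, pat):
            matched = True
    return matched

def effective_port(config_text, host, default=22):
    """Port that ssh_config-style text yields for `host` as typed on the command line.

    Simplified model: Host blocks only ('*' and '?' wildcards approximated with
    fnmatch); Match blocks are skipped and Include is not followed.
    """
    applies = True  # keywords before the first Host line apply to every host
    for raw in config_text.splitlines():
        tokens = raw.strip().replace("=", " ", 1).split()
        if not tokens or tokens[0].startswith("#"):
            continue
        key, args = tokens[0].lower(), tokens[1:]
        if key == "host":
            applies = host_matches(args, host)
        elif key == "match":
            applies = False
        elif key == "port" and applies and args:
            return int(args[0])  # first obtained value wins; later Port lines are ignored
    return default

if __name__ == "__main__":
    for name, cfg in (("SHADOWED", SHADOWED), ("ORDERED", ORDERED)):
        print(name, effective_port(cfg, "so-server.example"), effective_port(cfg, "192.0.2.10"))
```

A block laid out like `ORDERED` in /etc/ssh/ssh_config is picked up by any ssh, scp or autossh invocation that addresses the server by one of the listed names and does not pass its own port or config-file option. A per-user ~/.ssh/config is read before the system file, so a `Port` set there takes precedence.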