Communities

Writing
Writing
Codidact Meta
Codidact Meta
The Great Outdoors
The Great Outdoors
Photography & Video
Photography & Video
Scientific Speculation
Scientific Speculation
Cooking
Cooking
Electrical Engineering
Electrical Engineering
Judaism
Judaism
Languages & Linguistics
Languages & Linguistics
Software Development
Software Development
Mathematics
Mathematics
Christianity
Christianity
Code Golf
Code Golf
Music
Music
Physics
Physics
Linux Systems
Linux Systems
Power Users
Power Users

Dashboard
Notifications
Mark all as read
Q&A

Does changing a port address (number) necessates port forwarding?

+0
−0

In the past I have rented hosting services from SiteGround. I recall that their SSH/SFTP port address was different than 22 so I would assume that maybe data was forwarded from port (address) 22 to the other port address.

Why does this post require moderator attention?
You might want to add some details to your flag.
Why should this post be closed?

1 comment thread

General comments (1 comment)

1 answer

+1
−0

When the ssh daemon starts up, it reads the config file for the interfaces it should bind to (listen on) and the port number(s). The default interface is "all" and the default port number is 22.

The number was applied for and assigned as a well-known port number. On many systems, there is a file /etc/services or similar which lists port numbers and human readable names which can be used as substitutes.

If the port number is under 1024, traditional systems require root privilege. This is an anti-impersonation feature, so that these low port numbers are answered by the system's official daemons rather than any user who happened to claim it first.

Many administrators choose to run ssh on a port other than 22 because it is a target for scanning that can produce lots of log traffic. Changing the port number is not a significant security measure, but it can reduce the log traffic.

The port number that a daemon is listening to is the port number that must be specified by a client trying to communicate with it. Port forwarding is a duplication arranged by another daemon, so that a client can talk to a specific port (say, 22) but the underlying daemon can be listening on some other port (generally above 1024). That concentrates the root privilege to the duplicating daemon and may mean that the underlying daemon does not need root privilege.

Why does this post require moderator attention?
You might want to add some details to your flag.

1 comment thread

General comments (2 comments)

Sign up to answer this question »

This community is part of the Codidact network. We have other communities too — take a look!

You can also join us in chat!

Want to advertise this community? Use our templates!