Re: ssh on port 21?

[Rick Bilonick <rab nauticom net>]

Rick Stevens wrote:

> rab wrote:
>
> > I can telnet out through the firewall at work but I can't get them to 
> > allow me to ssh out to my home pc. Can I open a hole in my router 
> > firewall and allow incoming ssh on both ports 21 and 22? (I'm able to 
> > ssh into my pc using dial up but not through the company lan.)
>
>
> How utterly silly.  Why not ask your IT department to permit SSH access?
> What are they afraid of?  FTP is far more likely to be hacked than SSH.
> Remind them that passwords and such go out over FTP in plaintext
> (unencrypted).  SSH certainly can't hurt them.
>
> You can set up ssh to listen on any port you want, but you'll need to
> connect via "ssh -p 21" AND the daemon on your machine at home needs to
> listen on port 21, either via "sshd -p 21" or in the
> /etc/ssh/sshd_config file's "Port" directive.

Silly is not the word. "Stupid" and "idiots" are the words that come to 
mind. I have asked the it dept. several times to make it possible. If I 
explain TOO MUCH about how insecure telnet/ftp is, they would take it 
all away.

Thanks for your explanation on how to do it. I wasn't sure if the port 
numbers had to be the same on both the local and remote systems. I had 
tried the L switch for ssh but that does not appear to be correct. I 
will also have to open a whole in the router's firewall for port 21.

Rick B.