Question

Cannot ssh to my droplet via custom port.

Posted November 29, 2021 120 views
Networking

My ISP has blocked SSH connections via port 22. I want to use a different port to ssh to my droplet. I cannot use port 443 since I am using the droplet to host my website.

root@pc:~# sudo lsof -iTCP -sTCP:LISTEN -P
COMMAND   PID            USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
systemd-r 614 systemd-resolve   13u  IPv4  19460      0t0  TCP localhost:53 (LISTEN)
sshd      773            root    3u  IPv4  23058      0t0  TCP *:22 (LISTEN)
sshd      773            root    4u  IPv6  23069      0t0  TCP *:22 (LISTEN)
sshd      773            root    5u  IPv4  23071      0t0  TCP *:49160 (LISTEN)
sshd      773            root    6u  IPv6  23075      0t0  TCP *:49160 (LISTEN)
nginx     800            root    6u  IPv4  23438      0t0  TCP *:80 (LISTEN)
nginx     800            root    7u  IPv6  23439      0t0  TCP *:80 (LISTEN)
nginx     800            root    8u  IPv6  23440      0t0  TCP *:443 (LISTEN)
nginx     800            root    9u  IPv4  23441      0t0  TCP *:443 (LISTEN)
nginx     802        www-data    6u  IPv4  23438      0t0  TCP *:80 (LISTEN)
nginx     802        www-data    7u  IPv6  23439      0t0  TCP *:80 (LISTEN)
nginx     802        www-data    8u  IPv6  23440      0t0  TCP *:443 (LISTEN)
nginx     802        www-data    9u  IPv4  23441      0t0  TCP *:443 (LISTEN)

➜ ~ ssh -p 49160 root@139.59.59.194
ssh: connect to host 139.59.59.194 port 49160: Operation timed out

ssh -p 22 root@139.59.59.194

works fine on a different network.

I have added 49160 to the conf file.

INBOUND
All TCP TCP All ports   All IPv4 All IPv6

In droplet firewall.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
1 answer

Hey there!

From your lsof output it looks like SSH is listening on multiple ports. Did you specify just one port in your /etc/ssh/sshd_config file and then restart the SSH service sudo systemctl restart ssh

You can use telnet to check if that port is open as well.

telnet 139.59.59.194 49160

If you are using a Cloud Firewall in additional the droplet firewall you will need to allow that port through it as well.

Hope it helps!
Nate