Whilst trying to reboot a stubborn server I couldn’t reach from the admin panel, I noticed with nmap that there is an extra port 60910 that appears to be opened on my droplet. However I can only see this port externally and not from within the droplet itself.
From inside droplet:
Starting Nmap 7.01 ( https://nmap.org ) at 2018-06-27 16:18 EST Nmap scan report for example.com (xxx.xxx.xxx.xxx) Host is up (0.00090s latency). Not shown: 65529 closed ports PORT STATE SERVICE 25/tcp open smtp 80/tcp open http 443/tcp open https
From outside droplet:
Starting Nmap 7.01 ( https://nmap.org ) at 2018-06-27 16:00 EST Nmap scan report for example.com (xxx.xxx.xxx.xxx) Host is up (0.038s latency). Not shown: 65528 filtered ports PORT STATE SERVICE 25/tcp open smtp 80/tcp open http 443/tcp open https 60910/tcp open unknown
It appears to be an SSH daemon running on that port since it asks me to confirm an ED25519 key fingerprint, but does not accept the private key I have set up on my droplet’s usual SSH port.
I attempted to find documentation on this but couldn’t find any. I’m assuming this is used for maintenance on the hypervisor, but wanted to know exactly what it was used for and make sure that others can’t use that to access my droplet without my knowledge?
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.