The (short) story of how the SSH port became 22.

starman@programming.dev to

Linux@lemmy.ml – 231 points – 8 months ago

ssh.com

cross-posted from: https://programming.dev/post/9907720

The SSH port is 22. This is the story of how it got that port number. And practical configuration instructions.

I just assumed that 21 other things already existed.

The -p option can be used to specify the port number to connect to when using the ssh command on Linux. The -P (note: capital P) option can be used with SFTP and scp.

Why is it that the switch on ssh is -p but in scp/sftp it is -P?

This has caused me a real headache in the past as ssh doesn't throw an error message when you use a switch like "ssh -P 8080"

At a guess, it's because the function of preserving file dates and times is more likely than setting the port to something other than the default, so it gets the lowercase character, whereas ssh doesn't do anything with files so the port option gets the lowercase character.

The inconsistency is annoying though. I wonder if they could make ssh's -p option case insensitive so -P works across the board. (Maybe -P is reserved for some unknown future purpose?)

A work-around would be introducing long options and having --port be the option's long name across all the commands, but then, that comes with its own problems.

If this is something you run into often, it's likely still only for a limited number of servers? ssh and scp both respect .ssh/config, and I suspect (but haven't tested) that sftp does too. If you add something like this to that file:

Host host1 host2
  Port 8080

then SSH connections to hosts named in that first line will use port 8080 by default and you can leave off the -p/-P when contacting those hosts. You can add multiple such sections if you have other hosts that require different ports, of course.

I learned something today. Thanks!

Me too. My biggest takeaway though was that 'SSH' is a company today, providing network and security services. Interesting!

It was a company almost from the start. In the mid 90s Tatu Ylonen created ssh v1 and released it as freeware, then shortly afterwards apparently he regretted it and created ssh v2, made it proprietary and commercialized it with his company.

In the late 90s some OpenBSD guys then forked the unencumbered ssh v1 source to create OpenSSH and implemented ssh v2 with it and their ssh version eventually gained traction and became dominant.

As freeware or free software? Because if it was freeware, I don't understand how OpenBSD could have forked it

It was a custom license more permissive than the BSD license.

It's still part of the official OpenSSH license, see the first section here: https://cvsweb.openbsd.org/src/usr.bin/ssh/LICENCE?rev=HEAD

Even more interesting! Thanks!!

Tatu was also a bit of a d*ck about the thing. There were some GPL violations when he made the licensing more restrictive, and at one point he accused the OpenSSH project of violating his trademark, even though his original license permitted the use of the ssh name.

They're in a lot of government networks world wide (I visited them a long time ago to discuss some potential cooperation) - they're technically quite sound, and as bonus them being privately owned and headquartered in small Finland is generally seen as reducing the likelihood of backdoors or similar issues due to conflicting state interests.

The title made it sound a little more interesting then it actually was, but sometimes stories of great impact are very short and unexeptional

What an exceptionally unexceptionable story. Good read

I remapped SSH to 360

Lol why exactly? Now all the hackers will know to scan 360 on your servers 😹