2

Apologies if this is indeed a duplicate; I did look for an answer but it left me with more questions.

I have set up a server, Ubuntu 16.04, to act as a git server for me and one other person to work on a project. Currently, port 22 (Soon I will reconfigure to another port for security) on the server and my firewall are configred correctly and it is open.

In order for a successful connection between the server and client wishing to SSH and clone repos, does the SSH port need to be open server-side and the client wishing to connect, or just the server?

My confusion iniitally is because of how TCP works; A configured port for SSH may use one assigned port for the server, and one assigned randomly by the client making the connection?

Many thanks for any help.

Improve this question
1
  • Changing the SSH port does little for security, a port scanner will find it very quickly anyway. What you need is long and passwords (or just SSH key login), and a firewall that limits the rate at which random people can connect to your server. I recommend that you install ufw (UncomplicatedFireWall), and just use ufw limit on your SSH port.
    – xenoid
    Commented Sep 5, 2017 at 11:39

1 Answer 1

Reset to default
4

In the standard setup, the SSH server is listening on port 22, i.e. this port is open for incoming connections. The client opens a connection from a random (high) TCP port (e.g. port 12345) on its side to port 22 on the server side.

So port 22 only needs to be open on server side.

Improve this answer
1
  • Thank you. Just as I thought but this confirms it.
    – BM.Teddy
    Commented Sep 5, 2017 at 8:43

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .