How to run sshd on port 500 in High Sierra?
Solution 1:
To modify the ssh port, you have to edit the ssh launch daemon of the ssh server host:
- disable SIP
- open ssh.plist:

      sudo nano /System/Library/LaunchDaemons/ssh.plist

- modify the <key>Sockets</key> (example port here: 10022) from

      ...
      <key>Sockets</key>
      <dict>
          <key>Listeners</key>
          <dict>
              <key>SockServiceName</key>
              <string>ssh</string>
              <key>Bonjour</key>
              <array>
                  <string>ssh</string>
                  <string>sftp-ssh</string>
              </array>
          </dict>
      </dict>
      ...

  to

      ...
      <key>Sockets</key>
      <dict>
          <key>Listeners</key>
          <dict>
              <key>SockServiceName</key>
              <string>10022</string>
              <key>Bonjour</key>
              <array>
                  <string>10022</string>
                  <string>10022</string>
              </array>
          </dict>
      </dict>
      ...

- unload and load the daemon

      sudo launchctl unload /System/Library/LaunchDaemons/ssh.plist
      sudo launchctl load /System/Library/LaunchDaemons/ssh.plist

- test the ssh daemon
- enable SIP

An alternative, less intrusive approach is to create a second ssh launch daemon in /Library/LaunchDaemons/:
- copy the ssh.plist

      sudo cp /System/Library/LaunchDaemons/ssh.plist /Library/LaunchDaemons/ssh2.plist

- modify the ssh2.plist:

      sudo nano /Library/LaunchDaemons/ssh2.plist

  change the key Label to

      <key>Label</key>
      <string>com.openssh.sshd2</string>

  change the key <key>Sockets</key> as described earlier
- disable SSH in the System Preferences > Sharing > Remote Login
- load the launch daemon:

      sudo launchctl load -w /Library/LaunchDaemons/ssh2.plist

- with strict key checking enabled in the ssh config file on an ssh client host you may have to remove the ssh server from the known_hosts file of this remote host.
- access the ssh server with

      ssh user@IP -p <port>
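
The ssh2.plist edits from the second approach can also be generated instead of typed by hand. The following is an added example, not part of the answer above: it assumes Python 3 and uses a constructed sample plist in place of the real ssh.plist, and the function name `make_second_sshd_plist` is hypothetical.

```python
import plistlib

# Constructed sample standing in for /System/Library/LaunchDaemons/ssh.plist;
# only the keys the answer touches are included.
SAMPLE_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>com.openssh.sshd</string>
    <key>Sockets</key>
    <dict>
        <key>Listeners</key>
        <dict>
            <key>SockServiceName</key>
            <string>ssh</string>
            <key>Bonjour</key>
            <array>
                <string>ssh</string>
                <string>sftp-ssh</string>
            </array>
        </dict>
    </dict>
</dict>
</plist>
"""


def make_second_sshd_plist(src: bytes, port: int, label: str = "com.openssh.sshd2") -> bytes:
    """Return a copy of the plist with a new Label and listener port."""
    if not 1 <= port <= 65535:
        raise ValueError(f"port out of range: {port}")
    job = plistlib.loads(src)
    if label == job.get("Label"):
        raise ValueError("label must differ from the original job's label")
    try:
        listeners = job["Sockets"]["Listeners"]
    except KeyError as exc:
        raise ValueError("plist has no Sockets/Listeners dictionary") from exc
    job["Label"] = label
    listeners["SockServiceName"] = str(port)
    # Mirror the answer's edit: every Bonjour entry becomes the port string.
    if isinstance(listeners.get("Bonjour"), list):
        listeners["Bonjour"] = [str(port)] * len(listeners["Bonjour"])
    return plistlib.dumps(job)


if __name__ == "__main__":
    print(make_second_sshd_plist(SAMPLE_PLIST, 10022).decode())
```

The function rejects a label identical to the original job's, since two launchd jobs cannot share a Label; writing the result to /Library/LaunchDaemons/ssh2.plist requires root.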