From owner-freebsd-security  Sun Sep  3 15: 2:14 2000
Delivered-To: freebsd-security@freebsd.org
Received: from sentinel.office1.bg (sentinel.office1.bg [195.24.48.182])
	by hub.freebsd.org (Postfix) with SMTP id 56F9137B43C
	for <freebsd-security@FreeBSD.ORG>; Sun,  3 Sep 2000 15:02:10 -0700 (PDT)
Received: (qmail 61615 invoked by uid 1001); 3 Sep 2000 21:59:15 -0000
Date: Mon, 4 Sep 2000 00:59:15 +0300
From: Peter Pentchev <roam@orbitel.bg>
To: Ali Alaoui El Hassani <961BE653994@stud.alakhawayn.ma>
Cc: CrazZzy Slash <slash@krsu.edu.kg>, freebsd-security@FreeBSD.ORG
Subject: Re: Ssh2, sftp port Numbers ???
Message-ID: <20000904005915.A61559@ringwraith.office1.bg>
References: <Pine.BSF.4.21.0008201722290.41785-100000@krsu.edu.kg> <Pine.SOL.3.96.1000903202744.4592D-100000@stud.alakhawayn.ma>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <Pine.SOL.3.96.1000903202744.4592D-100000@stud.alakhawayn.ma>; from 961BE653994@stud.alakhawayn.ma on Sun, Sep 03, 2000 at 08:32:25PM +0000
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Sun, Sep 03, 2000 at 08:32:25PM +0000, Ali Alaoui El Hassani wrote:
> Dear All, 
> Thanx to your help successfully installed ssh2. Now i am confused about
> one thing. When I use ssh2 or sftp I see that they use the same port
> number which is 22. Hum?, my question is:
> How to distinguish between the two applications ssh2 and sftp?
> is there anyway for me to assign sftp another port number, say 199 ?

Not unless you choose to run another instance of sshd listening on
port 199.

sftp is not a separate service per se, it works by establishing an SSH
connection (it requires that you login via SSH, or some kind of rhosts/shosts,
but definitely some kind of SSH authentication), and then executing a server
program on the side you are connecting to.  Actually, sftp *executes*
the ssh client at the client side (which is why it has an option to pass
ssh options, like an identity file and such), so it pretty much expects
the client to have a server to connect to.

In theory, the SSH server could be recompiled so that it specifically does
*not* allow execution of the sftp server, and placed to listen on port 22,
and then a not-hacked version placed to listen on port 199, possibly made
so it can *only* execute sftp.. but I, personally, do not really think
it is worth the trouble.

G'luck,
Peter

-- 
This sentence contains exactly threee erors.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message