ssh-copy-id can transfer the key fine to a ssh server listening on non-standard port.
The flag isn’t listed in the man page, but you use the standard -p flag.
The gotchya is that it requires special formatting to work, so surround it in single quotes.
If you use it without the quotes, you get the following:
ssh-copy-id -p 64322 localhost
Bad port 'umask 077; test -d ~/.ssh || mkdir ~/.ssh ; cat >> ~/.ssh/authorized_keys'
It doesn’t need a patch to work, just use single quotes:
ssh-copy-id** '**-p 64322 localhost**'**
Some other helpful things to consider… When you setup the ssh server to listen on a non-standard port, you can change the default port the client would use to connect. The client has to set this up by modifying the /etc/services file.
The following lines can be changed from the standard port 22 to something else on both the client and server side.
ssh 22/tcp # SSH Remote Login Protocol
ssh 22/udp # SSH Remote Login Protocol
ssh 22/sctp # SSH
Replace 22 with your non-standard port.
So after you modify that port number with your own, save and close, then try connecting without using the -p flag. It should use the port you entered there.
This is kind of helpful because if it’s changed on the server side as well then you can go into SuSEFirewall on the ssh server and select SSH from the list of services and it forwards the port you specified in the /etc/services file. You don’t need to manually specify it in Advanced… as part of the Allowed Services tab.
The problem with changing the /etc/services file is that when you want to connect to a ssh server that does listen on port 22, you will need to use the -p flag and tell it that you want to use 22 as that isn’t the default port anymore. So consider whether or not you will be connecting to that non-standard port often, if you do use that port for connecting often, it can be worth changing.