Nonstandard sshd port cannot be used?

Hi,

I tried to use a port other than 22 for sshd on Tumbleweed and failed.
Error message:

Mär 11 15:34:46 job6 sshd[1681101]: error: Bind to port 222 on 0.0.0.0 failed: Permission denied.
Mär 11 15:34:46 job6 sshd[1681101]: error: Bind to port 222 on :: failed: Permission denied.

Audit is quiet, I find no other hint on how to give me permission. Any ideas?

Port is opened in firewall?

Port is allowed by selinux?
This shows it:

semanage port -l | grep ssh

To open port 33000:

sudo semanage port -a -t ssh_port_t -p tcp 33000

Firewall blocking the port won’t give a permission denied error. It is most likely SELinux if they have SELinux enabled and enforcing and they didn’t try to start sshd as a non-root user.


Never mind. AI found it: semanage port -a -t ssh_port_t -p tcp 222

Another chapter in my book called “Security Sucks!” :smiley:

P.S.:

job6:~ # sudo ausearch -m avc -ts recent
<no matches>

And audit.log recorded the service start and stop, but nothing about a blocked port.
I’d expect some hint there…

You can always turn it off.

There are rules that are classified ‘dontaudit’ that won’t produce an audit log when violated. They are typically rules that would be insanely noisy or, like in this case, are properly handled by the administrator reading documentation for their service and properly configuring them.

ssh_port_t violations are a dontaudit rule.

You can turn them on if you really want to.
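
The port-label check discussed in this thread, as an added example that is not part of any post: a small parser for `semanage port -l` output that tests whether a port really carries `ssh_port_t`. It compares numerically and understands comma lists and ranges, so 222 is not confused with 22 or 2222 the way a plain `grep` can be. The function names and the sample policy lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.

# port_has_type TYPE PROTO PORT
# Reads `semanage port -l` output on stdin; exit 0 if PORT/PROTO has TYPE.
port_has_type() {
    awk -v type="$1" -v proto="$2" -v port="$3" '
        $1 == type && $2 == proto {
            # Fields 3..NF are single ports or lo-hi ranges, ", " separated.
            for (i = 3; i <= NF; i++) {
                entry = $i
                sub(/,$/, "", entry)
                n = split(entry, r, "-")
                lo = r[1] + 0
                hi = (n == 2) ? r[2] + 0 : lo
                if (port + 0 >= lo && port + 0 <= hi) found = 1
            }
        }
        END { exit found ? 0 : 1 }
    '
}

# sshd_port_status PORT
# Prints "labelled", or the semanage command from the thread for that port.
sshd_port_status() {
    if port_has_type ssh_port_t tcp "$1"; then
        echo "labelled"
    else
        echo "unlabelled: semanage port -a -t ssh_port_t -p tcp $1"
    fi
}

# Constructed sample of `semanage port -l` output (default-style policy).
SAMPLE_POLICY='ssh_port_t                     tcp      22
http_port_t                    tcp      80, 81, 443, 488, 8008, 8009, 8443, 9000
vnc_port_t                     tcp      5985-5999, 5900-5983'

# Offline demonstration on the sample: 22 is labelled, 222 is not.
printf '%s\n' "$SAMPLE_POLICY" | sshd_port_status 22
printf '%s\n' "$SAMPLE_POLICY" | sshd_port_status 222

# On a live system, check the port sshd is actually configured to use:
#   semanage port -l | sshd_port_status "$(sshd -T | awk '$1=="port"{print $2; exit}')"
```

To see denials hidden by dontaudit rules while debugging, `semodule -DB` rebuilds the policy with those rules disabled and `semodule -B` restores them; `ausearch -m avc -ts recent` then shows the denial.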
