Changing SSH Port and Other System Settings

  • Hi all,

    I've just switched from a Raspberry Pi B+ to a ODROID-C2. Prior to that I was running Kodi on a desktop computer as a HTPC. Just setting up my new to me LibreELEC and there's a few things I can't figure out and Google (and this forum) return nothing which is mostly how I configure system settigns such as SSH port, setting up SSH keys and a few other tweaks when / is mounted as read-only please.

    I can't find anything relating to this in the wiki either unelss I'm looking for the wrong subject. As a side note anyone have problems posting in Chrome? I've had to blow off the dust and fire-up Firefox just to post this. In Chrome this text entry box appears greyed out.

    Thanks

  • I want to change it because none of my computers run SSH on port 22 and my ISP blocks it. For this reason, none of my computers run SSH on port 22 and it'll be slightly annoying to remember 1 computer that isn't the standard in my house. I'm aware I could use .ssh/config but that doesn't help when I get a new computer.

    Eventually I'll want to disable root login too.

    • Official Post


    Hi all,

    I've just switched from a Raspberry Pi B+ to a ODROID-C2. Prior to that I was running Kodi on a desktop computer as a HTPC. Just setting up my new to me LibreELEC and there's a few things I can't figure out and Google (and this forum) return nothing which is mostly how I configure system settigns such as SSH port, setting up SSH keys and a few other tweaks when / is mounted as read-only please.

    I can't find anything relating to this in the wiki either unelss I'm looking for the wrong subject. As a side note anyone have problems posting in Chrome? I've had to blow off the dust and fire-up Firefox just to post this. In Chrome this text entry box appears greyed out.

    Thanks

    Hello Complex_Username,

    According to the code, you can pass parameters to sshd of LibreELEC with the SSH_ARGS variable of /storage/.cache/services/sshd.conf, which is writeable. Eg, to have sshd listen on port 789, set SSH_ARGS="-p 789" in /storage/.cache/services/sshd.conf, and then restart sshd (with systemctl restart sshd, or with reboot).

    I never used this option, so I cannot confirm that it actually works, but it might be worth a try.

    Please let me know if it makes or breaks.


  • Awiouy, I can confirm it works fine and sustains the settings over a reboot. I'll play with the settings for further customisation.

    Thank you very much! :)

    Although the settings are retained over a reboot, if any services are enabled their .conf files in /storage/.cache/services are over written after the reboot, but not before ssh has had a chance to see which ports it should be listening on.

    So first reboot you can log in on your chosen port number.
    The second reboot everything is back to the defaults and you can only login on port 22, unless you updated the file after the first reboot.

    Ahhhh! :@

    For those interested: I'm running LibreELEC (official) v7.0.2 Raspberry Pi 3 freshly installed.

  • Hello Complex_Username,

    According to the code, you can pass parameters to sshd of LibreELEC with the SSH_ARGS variable of /storage/.cache/services/sshd.conf, which is writeable. Eg, to have sshd listen on port 789, set SSH_ARGS="-p 789" in /storage/.cache/services/sshd.conf, and then restart sshd (with systemctl restart sshd, or with reboot).

    Works perfectly (LE 7) and there is even a line to turn on and off password access, should one need that (as I did).

    autostart.sh did not work for me. But, as my script runs every 5 minutes, it checks if /storage/.cache/services/sshd.conf contains my argument, and if not, adds it and restarts sshd.

    Edited 2 times, last by pila (July 1, 2018 at 10:12 PM).

  • The other option is to put in /storage/.config/shutdown.sh code like this:

    Everything is retained over the reboot.

    Thanks to everyone in this thread, it's the only source of information i found about this issue

    Edited once, last by Kiki (June 12, 2021 at 9:49 PM).

  • Another way is to create a custom systemd service.

    Copy /etc/ssh/sshd_config to /storage/.config/sshd/sshd_config and edit the Port value (or any other settings).

    Then create a file /storage/.config/system.d/sshd-custom.service

    This is basically a simplified version of /usr/lib/systemd/system/sshd.service

    The new service must be enabled with systemctl enable sshd-custom.service and started with systemctl start sshd-custom.service (or reboot).

    Once this is working, you can disable the default ssh service on port 22 in the Libreelec gui.

    Edited once, last by stef70: incorrect config file path (October 28, 2022 at 8:35 AM).