All posts by Gregory Cornelius

Changing the sshd port in Mac OS 10.6

Starting with 10.4, Mac OS X has gradually moved to usingĀ launchd to control the stopping and starting of all core services. For someone used to configuring a Linux server, it required a little research to understand.

The default sshd configuration pulls the port information from /etc/services and sets up a listener on that port. The Sockets dictionary is used to let launchd know when to launch the service. The purpose of this system is to speed up the boot process by launching services on demand instead of automatically.

To change the sshd port as means of provide some additional security simply modify /System/Library/LaunchDaemons/ssh.plist and change SockServiceName from “ssh” to the port number you want sshd to use. You also have to modify the Port number in /etc/sshd_config to match the launchd configuration.

<key>Sockets</key>
 <dict>
 <key>Listeners</key>
 <dict>
 <key>SockServiceName</key>
 <string>40000</string>
 <key>Bonjour</key>
 <array>
 <string>ssh</string>
 <string>sftp-ssh</string>
 </array>
 </dict>
 </dict>