xokia Posted June 10 Share Posted June 10 (edited) I am seeing scans coming from unraid trying to connect to port 22 on an aws server is this the USB backup? If this is USB backup it might be useful to put a note when you enable USB backup. Because it looks like unraid is trying a lot of different ports to get out. Edited June 10 by xokia Quote Link to comment
ljm42 Posted June 11 Share Posted June 11 Yes, Unraid Connect Flash backup makes an outgoing git/ssh connection to backup.unraid.net on port 22 or 443 Quote Link to comment
xokia Posted June 11 Author Share Posted June 11 4 hours ago, ljm42 said: Yes, Unraid Connect Flash backup makes an outgoing git/ssh connection to backup.unraid.net on port 22 or 443 Is there a way to tell it to just use 443? I have 443 allowed for normal https traffic so that port is not filtered. I like to keep as few ports allowed as possible. Quote Link to comment
ljm42 Posted June 11 Share Posted June 11 11 hours ago, xokia said: Is there a way to tell it to just use 443? I have 443 allowed for normal https traffic so that port is not filtered. I like to keep as few ports allowed as possible. Oh cool, so we added this fallback to port 443 for networks that block port 22 but aside from a reduction in "why can't I connect" posts I think you are the first person to confirm they are using it. We did not want to start on port 443 because it seems a little shady to do SSH over 443 without at least trying on 22. You are seeing the repeated calls in your logs because each time the script runs it tries port 22 and then falls back to 443, it doesn't store the state for the next run. As I said, you are the first person to provide feedback on how this works in their network. I can look at having it "remember" to use port 443 in a future release. 1 Quote Link to comment
xokia Posted June 12 Author Share Posted June 12 (edited) 22 hours ago, ljm42 said: You are seeing the repeated calls in your logs because each time the script runs it tries port 22 and then falls back to 443, it doesn't store the state for the next run. As I said, you are the first person to provide feedback on how this works in their network. I can look at having it "remember" to use port 443 in a future release. Maybe I am just the first running IPS to notice it? It might be a better option to enable the user to choose 443 or 22. Maybe under an advanced button and have a "prefer" port and the fallback is the non preferred port? i.e. try this port first. In your code it just ends up being a list of ports that you can reorder based on the preferred option. Set 22 as default and leave what you folks currently implemented. Then those that don't know any better wont hit you up with why is my USB backup not working. Those that want more control over their network will know what to do hopefully. If you "remember the port" someone might decide later to use port 22 then they will hit you up with how do I forget 443. Just my $.02 Edited June 12 by xokia Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.