- FreedomBox version: FreedomBox version 20.19
- Hardware: Pioneer Freedombox
- How did you install FreedomBox?: Downoaded stable image from main freedombox website, then updated from web interface.
Im looking to lock down my freedombox to be a little tighter with security. I am surprised that freedombox allows its ssh ports to be open at first boot, and also surprised that it is using the default ssh port of 22. What compelled me to buy freedombox in the first place, was it being advertised as a box that was highly secure for noobs. But scouring over freedombox I have come to either one of two conclusions:
- Freedombox isn’t as safe and secure as it is cracked up to be
- I am not as much of a noob as I thought and can spot vulnerabilities that are above average.
At this point, im not sure which one is correct, but to my knowledge, security through obscurity will render a mild to medium increase in security by obfuscating attack vectors.
Therefore, I have manually edited my
/etc/ssh/sshd_config file to be more airtight, however, there is one thing I cannot figure out.
When changing the ssh port from 22 to say 38888, with using
in the sshd_config file, I can’t ssh into freedombox on port 38888 after reloading sshd.
My first thought, was to check iptables with
sudo iptables -L, which shows the following empty firewall rules:
Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination
Then, I remembered that freedom box has its own firewall in its web interface which acts more like UPnP (another spotted security vulnerability and attack vector), so checked out the /etc/ directory and found a folder named firewalld. I’m assuming, that since freedombox doesn’t seem to use iptables, that its firewall is somehow blocking my NEW ssh port of 38888 from firewalld.
Other than that, I dont have any ideas why changing an ssh port in sshd_config wouldnt work, and seems to be blocked. So to start, could someone explain to me how to change the ssh port in the freedombox firewall to a new ssh port?
If you dont think that the firewall is the problem with changing the ssh port, could you also please advise me as to what could also possibly be the problem?
Thanks for any help and advice!