A basic safety recommendation is to change the default connection ports of a system for the various available communications services. Let’s see how to change the ssh and xrdp ports on a Azure Linux virtual machine.
Change ssh port
Immediately after creating the virtual machine, the default port is 22. You can connect to the machine through its public IP or DNS with a client like Putty through that port. Edit the configuration file with nano for example:
sudo nano /etc/ssh/sshd_config
And we change where it says port 22 by the value we want (eg I put 40167):
Now to restart the ssh service, run:
sudo service ssh restart
We close the remote session that we are running, that still go through the port 22. Now we need to edit the security rule in the control panel of the virtual machine to reflect the change in port. To do this, we look for the machine in our Azure subscription, for example, in my case it is called f23uh4733:
Click on the entry safety rules option:
And we double click on the current rule for port 22:
And you must modify the value of the port 22 to port defined in the configuration file:
Pressing save after modification. The rule will take a few seconds to be applied.
Installing a remote desktop and xrdp port change
Now we will install a remote desktop. This will be necessary if Linux is a server image for example. Keep in mind that xrdp since Ubuntu 12.04LTS does not support Gnome Desktop, so we’ll use xfce.
First we install xrdp, executing the following command at the terminal:
sudo apt-get install xrdp
After the installation of xrdp, we must install xfce, running the command:
sudo apt-get install xfce4
The next step is to configure xrdp to use xfce. Run the following command:
echo xfce4-session >~/.xsession
Once installed the desktop, we will change the default port for remote connection. We use an editor, for example nano, to modify the xrdp configuration file. Run the command:
sudo nano /etc/xrdp/xrdp.ini
And modify the port with the desired value, in this case for example the port 40168:
We record the changes and restart the xrdp service to take effect, using the following command:
sudo service xrdp restart
Once you have configured the port, as before, we need to create the security rule that allows us to access. To do this we return to the list of rules of entry, and click the add button:
And we add a rule indicating the destination port that we have set in the previous step:
Press save button and wait for the rule to apply. After, we can open a remote desktop connection to the machine by the port:
We have to identify us with a UNIX user. If you have not created any, the administrator user serve us:
And we access the Linux desktop machine:
