Step 3 should be:

Browse to Others:SSH/Telnet Server

Click "Module config.." in the upper left corner (this is where it always is in regular Webmin modules. Set the port. Save it.

Let me add that I've seen a similar instruction in the module configuration reference... but I just can't seem to pinpoint how to reach the "Virtualmin Virtual Servers module page"... it's almost like I'm missing links in my tree or... missing the point entirely :(

So you're reading docs targeted at Virtualmin running without the Virtualmin Framed Theme. Virtualmin is a Webmin module (a very large, and complex Webmin module with many supporting modules and plugins and themes of its own...but a module of Webmin nonetheless)...and if you install it without switching to the Virtualmin theme, you would browse to it in the Servers tab in Webmin, just like for Apache or BIND or whatever. And it would have a Module config.. link in the upper left corner, just like regular Webmin modules.

But, since you're using the full stack of Virtualmin stuff, you have a menu item just for Virtualmin configuration.

You're not missing any links in your tree. You're just expecting Webmin modules configuration for non-Virtualmin modules to be in the tree, and they aren't. It is possible that at some point in the future, the framed themes (Blue and Virtualmin and the upcoming AJAX theme) will get an extra layer of submenus to allow fully tree-based navigation. But that's in the future. Right now, to configure anything that is a stock Webmin module, you browse to the module and click Module config...

I tried going to the Webmin link on the tree, then expanding others, then selecting "SSH / Telnet Login" link... this is where I see the error message (There is no SSH server running on 192.168.1.78 port 22)

Sadly, there is no 'module config' link in the corner... am I still in the wrong place? If so, where in the tree am I trying to go?

Ah F%#$#$!

When I went back to try it out after reading your post, I grabbed the wrong browser (logged in as the virtualhost user instead of the master admin)

Spiffy! I see now. Thanks so much.

I believe what Joe is referring you to is the "Module Config" link located at the top left of the SSH/Telnet page (where it actually tries to connect to your server). I'm not sure about global Usermin module config, Joe will have to point that one out.

The second option down from the top is listed as the port to connect to, and is set at Default to start. Just change to your new port, and save, and you should be set.

As to where to find Virtualmin in your Webmin tree, it's located under the "Servers" category as Virtualmin Virtual Servers.

And back to the original topic.. most of these steps are very helpful, and every server admin should be taking steps to at least have extremely hard-to-guess passwords for any services requiring them.

As Joe stated, changing ports is helpful, but not necessarily going to stop the determined hacker, but it will definitely cut back on hack attempts. Another thing to note about this, is sometimes specific ports are blocked, and not accessible to some users. I had a friend who's company firewall was blocking port 10000, and therefore he was not able to reach Webmin at all.

On the note about Chroot SSH setup... Ensim Pro uses it by default, and I used that for many years.. their setup actually worked quite well, but it definitely wasn't fool-proof. If someone was smart, and determined, I'm sure they could have undermined it.. the few hack attempts that I had caught on the system, were mostly "script kiddies" setting up a staging ground to attack other sites/servers.

As for firewalls, yes, I highly recommend using them to filter out everything, but the basic hosting services traffic that is required.

And root-kit hunters are great, but more often than not, they won't help you, unless you catch the hacker before he's had the opportunity to do something with the system.

The idea behind security is to prevent systems from ever being compromised, and rkh's are fundamentally designed for the aftermath of such an activity, not preventing it.

Anyway, all of these things are great ideas, some more practical than others, but all in all, a good group of ideas for securing your server(s) in the best way possible.

NS

Kato: Ugh, disregard the first section of my post, I didn't realize that there was a 2nd page here, until it was too late. Looks like Joe got you taken care of.

Joe: Is the Edit feature not finished? or am I just running into some random bug, because it's not letting me edit my post. :D

NS

In each module page there is a Module Config link in the right frame upper left corner.

I also do not recommend changing ANY default posts. It is a waste of time because nmap can still sniff out the new ports and it isn't a real security threat anyways.

Second disabling root login access is also a moot point IF you use proper passwords that are mixed case and contain special characters and numbers.

I have allowed root access for over 4 years now and with millions of hacking attempts the losers still can't find the password for it.