I wanted to share my experience for anyone else that may run into this.
After changing the port and restarting the SSH service as you also tried, I was still not able to connect on the new port I specified. When I ran sudo netstat -lntp | grep ssh it showed that my SSH service was still listening on port 22, despite supposedly successfully restarting the service.
Only after rebooting the machine and re-running netstat I saw my service was finally listening on the specified port.
The problem is that when you use sudo, it creates a new environment with no X settings.
There are two options: first, you can use sudo -E gparted to try preserving the environment, try it, if this works it's probably the safest option.
If not, you'd need to configure your server's root account to allow logging in through ssh, so that you can ssh root@server, which should set the appropriate forwarding and environment.
First, on the server, in /etc/ssh/sshd_config, ensure it has:
X11Forwarding yesPermitRootLogin without-password
Next, add the ssh public key from your client to the root account on the server. If you can already ssh to the server without password with your normal user, then use sudo -i to start an interactive root session. Then:
ssh localhost. This is just so that an initial .ssh directory is created.- Copy the
authorized_keys file from the normal user: cp /home/normaluser/.ssh/authorized_keys ~/.ssh
Now from the remote system try ssh -v root@server. You should be able to log in with no password. Check that the output shows X forwarding has been enabled. Then you should be able to run gparted remotely.
Also, it goes without saying, but mucking around with a remote system's partitions is risky; ensure you have a backup of important data in case a disaster happens :)
Best Answer
This configuration is done in two parts. The first part is done on the remote SSH server. The second part is done on the local machine.
Server Side Instructions:
First install the stunnel:
Make the SSL certificate (for 365 days):
Configure stunnel to tunnel 443 (https) to 22 (ssh):
Create config file to meet the needs of using SSH over SSL.
Write these:
The above configuration tells stunnel where to find the certificate we generated and where to accept and forward connections. In this case stunnel will listen on the public_ip on port 443 (https) and redirect connections there back to localhost on 22 (ssh).
In order to start the stunnel service we’ll need to activate it in /etc/default/stunnel4. Change the ENABLED line from 0 to 1.
Finally, we can start the service and move on to the client configuration:
You can verify that stunnel is now listening by using the netstat command:
Client Side Instructions:
First install the stunnel package:
Make the SSL certificate (for 365 days):
Create config file :
Write these:
In order to start the stunnel service we’ll need to activate it in /etc/default/stunnel4. Change the ENABLED line from 0 to 1.
Start the service.
Make the connection
With the stunnel service now running on both the server and the client we’re ready to make the secure connection. Now when you connect to your local machine on port 2200 it will make a connection to the remote IP on port 443, create a secure SSL connection, and connect to port 22 on the other end. Your encrypted SSH connections are now wrapped in an encrypted SSL connection using port 443.
Sources: link1 Link2