Securing Ubuntu Server running Zimbra

[AutootuA]

I'm wanting to change port 22 to something else. I came across these steps to secure Ubuntu. Would this break Zimbra?

Code:

* Create Key Pair

	- run: ssh-keygen

	- passphrase: WHATEVERYOUWANTHERE

	- run: cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys

	- run: rm ~/.ssh/id_rsa.pub

	
* Move Key to Local Machine


* Configure SSHD on Server

	- run: sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.factory-defaults

	- run: sudo chmod a-w /etc/ssh/sshd_config.factory-defaults

	- run: sudo vi /etc/ssh/sshd_config

		****MAKE THESE CHANGES****

			Port 22 ---> Port ****

			PermitRootLogin yes ---> PermitRootLogin no

			#PasswordAuthentication yes ---> PasswordAuthentication no

			#Banner /etc/issue.net ---> Banner /etc/issue.net

			UsePAM yes ---> UsePAM no

			***Add To Bottom***

			AllowUsers YOURUSER

	
	- run: sudo /etc/init.d/ssh restart

[h_aleksi]

Not as far you don't reserve ports used by zimbra for ssh.

[veronica]

Offcourse Yes you will face problems. Read Mail Queue Monitoring - Zimbra :: Wiki

Need to change zimbraRemoteManagementPort port from 22 to what ever you are changing to.

[jummo]

Zimbra use SSH for Mail Queue Monitoring [1]. Therefore you can't change the port from 22 to whatever, except you change the port in the scripts for Mail Queue Monitoring. Furthermore you need to add zimbra to the AllowUsers directive.

[1] Mail Queue Monitoring - Zimbra :: Wiki

[veronica]

Why do you need to change port in script ? wiki Mail Queue Monitoring - Zimbra :: Wiki clearly says :-

" If you're not running sshd on port 22, modify the zimbraRemoteManagementPort attribute on the server:

zmprov ms MAIL.DOMAIN.COM zimbraRemoteManagementPort 2222"\

[jummo]

Sorry, I haven't read the whole site. It was just a idea.