Shulou(Shulou.com)05/31 Report--

The knowledge of this article "centos7 how to prohibit root login and sshd port customization" is not understood by most people, so the editor summarizes the following contents, detailed contents, clear steps, and has a certain reference value. I hope you can get something after reading this article. Let's take a look at this "centos7 how to prohibit root login and sshd port customization" article.

1. Create a new user wwweee000

[root@localhost ~] # useradd wwweee000 [root@localhost ~] # passwd wwweee000changing password for user wwweee000.new password:bad password: the password is a palindromeretype new password:passwd: all authentication tokens updated successfully.

Delete the 2.#port 22 field and change 22 to other ports that are not used. The server port can be opened up to 65536.pm / notice that port is capitalized "p".

[root@localhost ~] # cat-n / etc/ssh/sshd_config | grep "port *" 17 # port 22100 # gatewayports no [root@localhost ~] # cat / etc/ssh/sshd_config | grep-n "port *" 17:#port 22100:#gatewayports no [root@localhost ~] # awk "/ port * /" / etc/ssh/sshd_config#port 22#gatewayports no

The above still does not satisfy the output: we only need the answer of port 22.

[root@localhost ~] # cat / etc/ssh/sshd_config | grep-n "port\" 17:#port 22 [root@localhost ~] # cat-n / etc/ssh/sshd_config | grep "port\" 17 # port 22 [root@localhost ~] # cat / etc/ssh/sshd_config | grep-n "port\" 17:#port 22 [root@localhost ~] # awk "/ port\ /" / etc/ssh/sshd_config # port 22 [root@localhost ~] # sed-I "17s/#port 22/port 22bot g" / etc/ssh/sshd_config [root@localhost ~] # awk "/ port\ /" / etc/ssh/sshd_config port 22

-n display line number;\ backslash substance definition

3. Modify port 22 to 4096 without using vi/vim

[root@localhost ~] # sed-I "17s/port 22/port 4096 root@localhost g" / etc/ssh/sshd_config [root@localhost ~] # cat / etc/ssh/sshd_config | grep "port\" port 4096

4. Change # permitrootlogin yes to permitrootlogin no

[root@localhost ~] # cat-n / etc/ssh/sshd_config | grep "permitrootlogin" 49 # permitrootlogin yes 104 # the setting of "permitrootlogin without-password". [root @ localhost ~] # sed-I "49s/#permitrootlogin yes/permitrootlogin no/g" / etc/ssh/sshd_ config[ root @ localhost ~] # cat-n / etc/ssh/sshd_config | grep "permitrootlogin no" 49 permitrootlogin no

5. Restart the sshd service

[root@localhost ~] # systemctl restart sshd.service

6. Use wwweee000 user login changes

[wwweee000@localhost ~] $

Ordinary user users cannot edit / etc/ssh/sshd_config. You need to switch root to edit. Switch root command: su

7.root to run, write shell script. / / script generic centos 7 (mainly: sshd_config port number definition input forbids root login)

#! / bin/bashsshd_port= `cat / etc/ssh/sshd_config | grep "port\" `echo "current sshd port: $sshd_port" read-ep "Please enter the connection port port (1-65536) of the sshd service Please make sure other port conflicts and firewall port open business: "sshd_port_readecho" the port number you entered: $sshd_port_read "sed-I" s/$sshd_port/port $sshd_port_read/g "/ etc/ssh/sshd_configecho" has been set to: `cat / etc/ssh/sshd_config | grep "port\" `"sed-I" s/#permitrootlogin yes/permitrootlogin no/g "/ etc/ssh/sshd_configsystemctl restart sshd.serviceexit 0

Run the test (can be recycled) this firewall shutdown / production server is off the firewall

[root@localhost wwweee000] # firewall-cmd-- state not running [root@localhost ~] # sh sshd_config_port.sh current sshd port: port 22 Please enter the connection port of the sshd service port (1-65536) Please make sure other port conflicts and firewall port open business: 4096 the port number you entered: 4096 has been set to: port 4096 or above is about "centos7 how to disable root login And the content of the article sshd Port customization I believe we all have a certain understanding. I hope the content shared by the editor will be helpful to you. If you want to know more about the relevant knowledge, please pay attention to the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.