Shulou(Shulou.com)05/31 Report--

This article mainly introduces the relevant knowledge of "how to add or modify CentOS7 port number". The editor shows you the operation process through an actual case. The operation method is simple, fast and practical. I hope this article "how to add or modify SSH port number in CentOS7" can help you solve the problem.

Step 1: modify the ssh configuration file (note that it is sshd_config instead of ssh_config, with an extra d)

Vim / etc/ssh/sshd_config

Find "# port 22", type "yyp" directly on this line to copy the line to the next line, and then remove the "#" sign from the two lines, that is, the comment, and modify it to:

Port 22port 10086

Ssh default listening port is 22, if you do not force other ports, "port 22" note is open 22 access port. I reserved port 22 above to prevent it from being unable to access port 22 because of various permissions and configuration problems, which would be embarrassing. Wait until everything is ok, then close port 22.

Ok, go on, I have added port 10086. When you modify the port, you'd better choose the port number between 10000mm and 65535. When the port is below 10000, it is easy to be occupied by the system or some special software, or when the new application is ready to occupy the port in the future, it is occupied by you first, causing the software to fail to run.

Step 2: if you turn off selinux, you can ignore step 2.

First check the ports that selinux is open to ssh to use

Semanage port-l | grep ssh

My system prints as follows:

Ssh_port_t tcp 22

You know, selinux does not open port 10086 to ssh, so let's add this port:

Semanage port-a-t ssh_port_t-p tcp 10086

When you are finished, view it again

Semanage port-l | grep sshssh_port_t tcp 22710086

Step 3: if you turn off the firewall, you can ignore the third step. It is too dangerous if the firewall is not turned on, so it is recommended to turn it on.

First check to see if the firewall has port 10086 open:

Firewall-cmd-permanent-query-port=10086/tcp

The print result is as follows:

No

If port 10086 is not open, add the port below:

Firewall-cmd-permanent-add-port=10086/tcp

The print result is as follows:

Success

Reload the firewall policy:

Firewall-cmd-reload

After the execution is successful, check whether port 10086 is open:

Firewall-cmd-permanent-query-port=10086/tcp

The print result is as follows:

Yes

Step 4: restart the ssh service and the firewall, preferably also restart the server

Systemctl restart sshdsystemctl restart firewalld.serviceshutdown-r now

Step 5: try to log in to ssh through port 10086, or go to the server to directly access the ssh as follows:

Ssh root@localhost-p 10086

If successful, 10086 is ready to use, then you can comment out the port22 of sshd_config according to the above steps, selinux and firewall (firewalld) close port 22 on ok, which is caused by Dagong!

The following additional updates are made on November 27, 2017->

Step 6: modify the third-party server security group policy. If there is no third-party server, the above has achieved the goal of this article, and you can ignore step 6. The following example diagram goes directly to Aliyun:

Supplementary column-

1. Check whether a port is occupied. Take 10086 as an example:

Netstat-lnp | grep 10086

If there is no printing, it is not occupied. If there is printing, the description is occupied, and it will generally list which process is occupied.

2. Check to see if selinux is enabled

Sestatus-v

If the output is:

Selinux status: disabled

Indicates that it is enabled. You can enable or disable it by modifying the configuration of selinux:

Vim / etc/selinux/config

Find:

Selinux=disabled

Modified to:

Selinux=enforcing

If you restart it, just ok.

The 3.semanage command cannot be used, or cannot be found. Indicates that the command is not configured and can be installed with the following command:

Yum-y installpolicycoreutils-python-2.5-9.el7.x86_64

On its dependent library I will not repeat, you can Baidu under a more comprehensive installation of semanage tutorials.

The 4.centos7 firewall has been changed to firewalld, not iptables, and the corresponding command is also available under Baidu, which will not be repeated here.

This is the end of the introduction to "how CentOS7 adds or modifies SSH port numbers". Thank you for reading. If you want to know more about the industry, you can follow the industry information channel. The editor will update different knowledge points for you every day.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.