Shulou(Shulou.com)06/01 Report--

How to modify SSH port number in CentOS7? Many novices are not very clear about this. In order to help you solve this problem, the following small series will explain it in detail for everyone. Those who have this need can come to learn. I hope you can gain something.

Step 1: Modify SSH configuration file (note sshd_config instead of ssh_config, extra d)

vim /etc/ssh/sshd_config

Find "#Port 22", type "yyp" directly in this line to copy the line to the next line, and then remove the "#" sign of the two lines, that is, the comment, and modify it to:

Port 22Port 10086

SSH default listening port is 22, if you do not force other ports,"Port 22" Note not commented are open access port 22. I reserved port 22 above to prevent all kinds of permissions and configuration problems from causing even port 22 to be inaccessible later, which would be embarrassing. When everything is ok, close port 22.

Ok, continue. I added port 10086. When you modify the port, it is best to choose a port number between 10000 and 65535. Below 10000 is easy to be occupied by the system or some special software, or when a new application is ready to occupy this port in the future, it is occupied by you first, resulting in software failure.

Step 2: If you have SELinux turned off, you can skip step 2.

First look at the ports SELinux opens for ssh

semanage port -l|grep ssh

My system prints the following:

ssh_port_t tcp 22

SELinux does not open port 10086 for SSH, so let's add this port:

semanage port -a -t ssh_port_t -p tcp 10086

When finished, check again

semanage port -l|grep sshssh_port_t tcp 22，10086

Step 3: If you close the firewall, you can ignore the third step, saying that the firewall is not open too dangerous, it is recommended to open.

First check whether the firewall has opened port 10086:

firewall-cmd --permanent --query-port=10086/tcp

The printed results are as follows:

no

It means that port 10086 is not open, so add the following port:

firewall-cmd --permanent --add-port=10086/tcp

The printed results are as follows:

success

Reload firewall policy:

firewall-cmd --reload

After successful execution, check whether port 10086 is opened:

firewall-cmd --permanent --query-port=10086/tcp

The printed results are as follows:

yes

Step 4: Restart SSH service and firewall, preferably also restart the lower server

systemctl restart sshdsystemctl restart firewalld.serviceshutdown -r now

Step 5: Try logging into SSH via port 10086, or enter the server directly to access SSH locally as follows:

ssh root@localhost -p 10086

If it succeeds, it means that 10086 is completely usable. Next, you can comment out Port22 of sshd_config according to the above steps. SELinux and firewall (Firewall) close Port 22 and OK.

The following 2017.11.27 supplementary update------->

Step 6: Modify third-party server security group policy. If there is no third-party server, the above has already accomplished the goal of this article, and you can ignore step 6. The following example diagram directly on Alibaba Cloud:

Supplementary Column-----------------------------------------------------------------------------

1. Check whether a port is occupied, take 10086 as an example:

netstat -lnp|grep 10086

If there is no print, it is not occupied. If there is printing, it means that it is occupied, and generally lists which process is occupied.

2. Check if SELinux is enabled

sestatus -v

If the output is:

SELinux status: disabled

Description Yes, it can be turned on or off by modifying SELinux configuration:

vim /etc/selinux/config

Find:

SELINUX=disabled

Amend to read:

SELINUX=enforcing

Restart it, OK.

The semanage command cannot be used or cannot be found. Description This command is not configured. You can install it by issuing the following command:

yum -y installpolicycoreutils-python-2.5-9.el7.x86_64

Did reading the above help you? If you still want to have further understanding of related knowledge or read more related articles, please pay attention to the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.