Shulou(Shulou.com)06/01 Report--

This article introduces the relevant knowledge of "the relevant settings of ssh in the centos7 version". In the operation of actual cases, many people will encounter such a dilemma, so let the editor lead you to learn how to deal with these situations. I hope you can read it carefully and be able to achieve something!

1. Set the SSH connection port

1.1. Close SELinux

-- disable the current selinux of the system

# setenforce 0

-- shutting down the system permanent selinux

# sed-I's bind SELINUXPRENTENFINGUGUG SELINUXPRONFORCING

1.2. Edit / etc/ssh/sshd_config, modify the port (22-> 26), and restart sshd

# vi / etc/ssh/sshd_config

Port 26

# grep ^ Port / etc/ssh/sshd_config

# systemctl restart sshd

1.3. Modify firewalld rules to allow tcp/26 ports

# firewall-cmd-permanent-zone=public-add-port=26/tcp

# firewall-cmd-reload

# confirm the modification

# firewall-cmd-- list-all | grep 26

In this way, the ssh can be connected through port 26.

In the above process, if the ssh port is modified, restart sshd Times error, and comment out the modification can restart normally, use getenforce to check whether selinux has been closed.

2. Disable root remote ssh (disable by default)

2.1. Edit sshd_config

# vi / etc/ssh/sshd_config

PermitRootLogin no

-- confirm modification

# grep ^ PermitRootLogin / etc/ssh/sshd_config

2.2. Restart sshd

# systemctl restart sshd

3. IP that restricts ssh remote access

-- Edit / etc/hosts.allow and add the following

# echo "sshd:192.168.1.111:allow" > > / etc/hosts.allow

-- Edit hosts.deny and add the following

# echo "sshd:ALL" > > / etc/hosts.deny

In addition, you can modify sshd_config to restrict IP for remote access through ssh, and you can use firewalld to restrict IP.

4. User name that restricts ssh access

-- modify sshd_config to allow ssh remote access to test users of the server (multiple users are separated by spaces, and all other users are denied by default)

# echo "AllowUsers test" > > / etc/ssh/sshd_config

-- restart sshd

# systemctl restart sshd

5. Get information about ssh

5.1. Get sshd location

# whereis sshd

5.2. Get ssh version

# ssh-V

# 5.3. View information about sshd programs

# strings / usr/sbin/sshd | grep OpenSSH6.6

# 5.4.sed change version Information

-- back up the original information first

# cp-p / usr/sbin/sshd. / sshd_bk

-- change version information

# sed-I's usr/sbin/sshd OpenSSHQ 6.6qqqqqqmOpenSSHmm7.4Universe g'/

# 5.5. Restart sshd

[root@imzcy ~] # systemctl restart ssh

This is the end of the content of "ssh-related Settings in the centos7 version". Thank you for reading. If you want to know more about the industry, you can follow the website, the editor will output more high-quality practical articles for you!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.