Centos7 Modify the SSH port

Procedure For modifying an SSH port (Centos7) :

Step1 modify/etc/SSH/sshd_config

vi /etc/ssh/sshd_config

Port 22 // Remove # from this line, in case the configuration is not good and remote login can not be done, you have to go to the machine room to modify, after the modified Port can be used after the comment out

Port 20000 // Add this line below

Step2 modify firewall configurations

Firewall Add the SSH port to be modified.

Firewall-cmd –zone=public –add-port=20000/ TCP –permanent

If no, run systemctl start firewalld to start the system

reload firewall:

firewall-cmd –reload

Check whether the port is added successfully. If yes is displayed, otherwise no is displayed

firewall-cmd –zone=public –query-port=20000/tcp

If ali Cloud is used, you need to configure security group rules

Step3 modify SELinux

Use the following command to view the SSH ports currently allowed by SElinux:

semanage port -l | grep ssh

Semanage Command not found in Linux

Run: yum provides /usr/sbin/semanage or yum Whatprovides /usr/sbin/semanage

Yum -y install policycoreutils-python

If SELinux is not enabled, enable it first

Check SELinux status:

/usr/sbin/sestatus -v ## If SELinux status is enabled, SELinux is enabled

SELinux status: enabled

Open the SELinux

Modify the /etc/selinux/config file

Change SELINUX=disabled to SELINUX=enforcing

Just reboot the machine.

Add port 20000 to SELinux

semanage port -a -t ssh_port_t -p tcp 20000

And then make sure you add it

semanage port -l | grep ssh

Output if successful

ssh_port_t tcp 20000, 22

Step4 restart SSH

systemctl restart sshd.service

Step5 test the SSH connection of the new port

Test SSH connection after port modification, if successful, comment out port 22 in step1.

Related Posts

Binary Tree Sequence Traversal + Non-recursive Algorithm (C language) (Joint Ability) (NPU data Structure)

The factory pattern design pattern | challenge

Detailed explanation of the seven principles of design pattern