CentOS method to modify the default ssh port number example

The default ssh port number of Linux servers is generally 22, so most users need to change the default ssh port number for security reasons. The following is a method to change the default ssh port number

1: Modify the /etc/ssh/sshd_config configuration file (note: this is sshd_config, not ssh_config)

1: View the default port number of ssh

netstat -anp | grep ssh 

2: Modify the /etc/ssh/sshd_config configuration file

Add a port number 10011 in the sshd_config file (port 22 is reserved here so that if the configuration fails, you can still use port 22 to log in using ssh. After the configuration is complete, port 22 can be deleted)

2. Firewall configuration

You can refer to: Basic use of centos7 firewall in linux

Three: Add the modified SSH port to SELinux

Many tutorials on changing the default ssh port number on the Internet only talk about the above part and then restart the ssh service. I don't know how to do it. Anyway, I can't do it. No matter how I configure it, it doesn't work. The ssh port number is always 22. Finally, I found out that this is because we need to add the modified SSH port to SELinux.

1: Install semanage

semanage is a SELinux management tool used to add and modify ssh port numbers to SELinux

#Install dependencies yum install policycoreutils-python
#Install semanage
yum provides semanage

2: Use semanage to add the port number we just added (10011) to SELinux

Query the current ssh service port:

semanage port -l | grep ssh

Add the ssh port (10011) we need to add to SELinux:

semanage port -a -t ssh_port_t -p tcp 10011

Verify that the ssh port has been added successfully:

semanage port -l | grep ssh

Restart the ssh service:

systemctl restart sshd.service 

Four: Test:

At the command line, enter:

ssh [email protected] -p 10011

The following shows that you can use port 10011 to log in to ssh. At this time, you can delete the port number 22 configuration in the /etc/ssh/sshd_config file, and then restart the ssh service. At this time, the default port number of ssh is changed to 10011

The above is the full content of this article. I hope it will be helpful for everyone’s study. I also hope that everyone will support 123WORDPRESS.COM.