修改CentOS7的SSH端口

修改ssh配置

vi /etc/ssh/sshd_config

找到 #Port 22 取消该行的注释。改为想要使用的端口,如:Port 12306

重启服务

systemctl restart sshd

配置selinux

安装 semanage 工具

yum provides semanage
yum -y install policycoreutils-python

打开端口

semanage port -a -t ssh_port_t -p tcp 12306

查看当前 SELinux 允许的端口

semanage port -l | grep ssh

错误处理

当 SELINUX 配置为禁用状态时,使用 semanage 会报错提示无法读取 policy 文件:

SELinux:  Could not downgrade policy file /etc/selinux/targeted/policy/policy.30, searching for an older version.  
SELinux:  Could not open policy file <= /etc/selinux/targeted/policy/policy.30:  No such file or directory  
/sbin/load_policy:  Can't load policy:  No such file or directory
libsemanage.semanage_reload_policy: load_policy returned error code 2. (No such file or directory).  
FileNotFoundError: [Errno 2] No such file or directory 

启用 SELinux:

vi /etc/selinux/config

修改 SELINUX=permissive 以后重启服务器:

init 6

重启后查看 SELinux 状态:

sestatus

如果显示 disabled,执行:

load_policy -qi

检查配置:

semanage port -a -t ssh_port_t -p tcp 12306
semanage port -l | grep ssh

重启sshd服务:

systemctl restart sshd
添加新评论