centos 7.0 修改ssh默认连接22端口 和 添加防火墙firewalld 通过端口

前端之家收集整理的这篇文章主要介绍了centos 7.0 修改ssh默认连接22端口 和 添加防火墙firewalld 通过端口前端之家小编觉得挺不错的,现在分享给大家,也给大家做个参考。

首先 先做的就是 修改ssh的默认端口22

需要修改文件

/etc/ssh/sshd_config

使用命令

vi /etc/ssh/sshd_config

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
[root@localhost ~]# vi /etc/ssh/sshd_config
# $OpenBSD: sshd_config,v 1.90 2013/05/16 04:09:14 dtucker Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/local/bin:/usr/bin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible,but leave them commented. Uncommented options override the
# default value.
# If you want to change the port on a SELinux system,you have to tell
# SELinux about this change.
# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
#
Port 48489
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
# The default requires explicit activation of protocol 1
#Protocol 2
# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 1024
# Ciphers and keying
#RekeyLimit default none
# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
SyslogFacility AUTHPRIV
#LogLevel INFO
# Authentication:
#LoginGraceTime 2m
#PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
#RSAAuthentication yes
#PubkeyAuthentication yes
# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile .ssh/authorized_keys
#AuthorizedPrincipalsFile none
#AuthorizedKeysCommand none

  先做就完成了 端口的修改 然后就需要让防火墙通过这个端口

具体操作 就是 按 I 键,进入插入编辑,找到Port前面的#去掉 ,改成自己需要的端口号

centos 7 默认使用的 是 firewalld 所以先看看是否运行

firewall-cmd --state

然后看下 先做默认通过的端口都有哪些

查看端口 规则

firewall-cmd --permanent --list-port

刚才测试 添加了 端口 现在删除这个端口 参数--permanent 是永久配置 机子重启依然有效

删除端口

firewall-cmd --permanent --remove-port=48489/tcp

添加端口 到防火墙例外

firewall-cmd --permanent --zone=public --add-port=48489/tcp

然后通过putty ssh连接软件链接一下就好了~

firewalld 参考资料

http://blog.csdn.net/smstong/article/details/39317277

原文链接:https://www.f2er.com/centos/375085.html

猜你在找的CentOS相关文章