centos7 修改ssh端口!

刺骨的言语ヽ痛彻心扉 2022-08-06 03:26 289阅读 0赞

默认ssh端口为 22,总是被人扫描登录!

修改默认端口为2218的方法:

修改ssh配置文件 /etc/ssh/sshd_config,将里面的 Port 22前面的注释去掉,将22修改为 2218 

  1. [root@niche ~]# whereis ssh
  2. ssh: /usr/bin/ssh /etc/ssh /usr/share/man/man1/ssh.1.gz
  3. [root@niche ~]# cd /etc/ssh
  4. [root@niche ssh]# ll
  5. total 272
  6. -rw------- 1 root root     242153 Jun  9  2014 moduli
  7. -rw-r--r-- 1 root root       2123 Dec 18 10:03 ssh_config
  8. -rw-r--r-- 1 root root       2123 Dec 18 09:55 ssh_config.bak
  9. -rw------- 1 root root       4443 Dec 18 10:02 sshd_config
  10. -rw-r----- 1 root ssh_keys    227 Dec 16 01:29 ssh_host_ecdsa_key
  11. -rw-r--r-- 1 root root        162 Dec 16 01:29 ssh_host_ecdsa_key.pub
  12. -rw-r----- 1 root ssh_keys   1679 Dec 16 01:29 ssh_host_rsa_key
  13. -rw-r--r-- 1 root root        382 Dec 16 01:29 ssh_host_rsa_key.pub
  14. [root@niche ssh]# nano sshd_config

修改iptables 防火墙:/etc/sysconfig/iptables

  1. #-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT

改为

  1. #-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
  3. -A INPUT -p tcp -m state --state NEW -m tcp --dport 2218 -j ACCEPT

保存退出

重启iptables

  1. [root@niche sysconfig]# systemctl stop iptables
  2. [root@niche sysconfig]# systemctl start iptables
  3. [root@niche sysconfig]# systemctl status iptables
  4. iptables.service - IPv4 firewall with iptables
  5.    Loaded: loaded (/usr/lib/systemd/system/iptables.service; enabled)
  6.    Active: active (exited) since Thu 2014-12-18 10:11:13 EST; 5s ago
  7.   Process: 24537 ExecStop=/usr/libexec/iptables/iptables.init stop (code=exited,
  8.  status=0/SUCCESS)
  9.   Process: 24605 ExecStart=/usr/libexec/iptables/iptables.init start (code=exite
  10. d, status=0/SUCCESS)
  11.  Main PID: 24605 (code=exited, status=0/SUCCESS)
  13. Dec 18 10:11:13 niche systemd[1]: Starting IPv4 firewall with iptables...
  14. Dec 18 10:11:13 niche iptables.init[24605]: iptables: Applying firewall rule...]
  15. Dec 18 10:11:13 niche systemd[1]: Started IPv4 firewall with iptables.
  16. Hint: Some lines were ellipsized, use -l to show in full.

重启sshd

  1. [root@niche sysconfig]# systemctl status sshd
  2. sshd.service - OpenSSH server daemon
  3.    Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled)
  4.    Active: active (running) since Thu 2014-12-18 10:05:25 EST; 6min ago
  5.   Process: 24469 ExecStartPre=/usr/sbin/sshd-keygen (code=exited, status=0/SUCCE
  6. SS)
  7.  Main PID: 24470 (sshd)
  8.    CGroup: /system.slice/sshd.service
  9.            └─24470 /usr/sbin/sshd -D
  11. Dec 18 10:05:25 niche systemd[1]: Starting OpenSSH server daemon...
  12. Dec 18 10:05:25 niche systemd[1]: Started OpenSSH server daemon.
  13. Dec 18 10:05:25 niche sshd[24470]: Server listening on 0.0.0.0 port 2271.
  14. Dec 18 10:05:25 niche sshd[24470]: Server listening on :: port 2271.
  15. Dec 18 10:06:20 niche sshd[24476]: Accepted password for root from 113.99.1...h2
  16. Dec 18 10:07:03 niche sshd[24503]: Accepted password for root from 113.99.1...h2
  17. Hint: Some lines were ellipsized, use -l to show in full.

by default.fu@foxmail.com,欢迎交流!

发表评论

表情:
评论列表 (有 0 条评论,289人围观)

还没有评论,来说两句吧...

相关阅读

    相关 CentOS修改SSH端口

    日常工作中为了安全起见,必须修改ssh默认端口(Port:22),避免外网的登陆破解工具的探测,减少被攻击的可能。 修改sshd服务的配置文件 请注意,在/etc/ss

    叁歲伎倆叁歲伎倆/ 0/ 286 阅读