First, modify the configuration file
1) Modify the configuration file /etc/ssh/sshd_config
vim /etc/ssh/sshd_config
Change
#Port 22
#ListenAddress 0.0.0.0
#ListenAddress ::
to
Port 22
Port 23456
#ListenAddress 0.0.0.0
#ListenAddress ::
2) As shown above, uncomment Port 22 and add the line Port 23456 below it.
3) The default SSH listening port is 22. If no other port is specified, remote login on port 22 is open by default whether "Port 22" is commented out or not.
> Port 22 is uncommented above and kept for now so that a permissions or configuration problem does not leave the server unreachable over SSH, which would be awkward.
4) The added line Port 23456 is the port that will replace the default port 22. When you change the port, choose a port number between 10000 and 65535. Ports below 10000 are more likely to be occupied by the system, by some special software, or by newly installed applications, so do not use port numbers below 10000.
5) Make the sshd configuration take effect
> Execute the following command to make the sshd configuration take effect.
a) CentOS 7.x or above, execute the command
systemctl restart sshd.service
b) CentOS 6.x or below, execute the command
/etc/init.d/sshd restart
6) After taking effect, log in with the new port number
ssh root@47.106.126.167 -p 23456
# ssh root@47.106.126.167 -p 23456
root@47.106.126.167's password:
7) Enter the password to log in
Note: At this point, SSH login works on both port 22 and port 23456.
8) Once you have confirmed that login works on the new port, comment out port 22
vim /etc/ssh/sshd_config
Comment out port 22; the final configuration is as follows
#Port 22
Port 23456
#ListenAddress 0.0.0.0
#ListenAddress ::
10) Finally, don't forget to make the modified configuration file take effect
11) CentOS 7.x or above, execute the command
systemctl restart sshd.service
12) CentOS 6.x or below, execute the command
/etc/init.d/sshd restart
13) Third, the firewall allows the new port number
On a cloud instance running a release prior to CentOS 7 with the default iptables firewall enabled, note that iptables does not block access by default.
14) If you have configured iptables rules, run the following command to allow the new port:
iptables -A INPUT -p tcp --dport 23456 -j ACCEPT
15) Then restart the firewall
service iptables restart
> Explanation:
16) firewalld is installed by default on CentOS 7 and later
First, check whether the firewall has opened port 23456.
> firewall-cmd --permanent --query-port=23456/tcp
17) If the result is no, port 23456 is not open; allow the new port by running
> firewall-cmd --permanent --add-port=23456/tcp
18) If the result is success, TCP port 23456 has been allowed.
Next, reload the firewall policy for the configuration to take effect
> firewall-cmd --reload
19) Finally, check again whether port 23456 is open
> firewall-cmd --permanent --query-port=23456/tcp
20) If the new port is open, yes will be printed this time
> Fourth, the security group allows the new port number
21) Many cloud server vendors, such as Alibaba Cloud and Tencent Cloud, have security group policies. If the firewall opens the new port but the security group does not, it will not be possible to log in via SSH. Therefore, you need to open the new port in the security group
21) Log in to the ECS Management Console, locate the instance, and select Network and Security Group
22) On the Security Group Rule page, click Add Security Group Rule to define the security rule according to the actual usage scenario and allow the newly configured remote port to connect.
written by UNdercOde
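Added example (not part of the original post): a small shell check for steps 3 and 8 that reads an sshd_config and reports which ports sshd will listen on, then says whether Port 22 can be commented out without losing access. The function names are hypothetical, and it assumes whitespace-separated "Port N" lines with no Include files and no ListenAddress entries that carry their own port.

```shell
#!/bin/sh
# Added example: which ports will sshd listen on for a given sshd_config?
# Rules applied: keywords are case-insensitive, a leading '#' disables the
# line, several Port lines are allowed, and no active Port line means 22.
effective_ports() {   # usage: effective_ports <config-file>
    awk '
        /^[ \t]*#/ { next }                       # commented-out directive
        tolower($1) == "port" { print $2; n++ }   # active Port directive
        END { if (n == 0) print 22 }              # built-in default port
    ' "$1" | sort -n | paste -sd ' ' -
}

# The post recommends picking the replacement port from 10000-65535.
port_in_recommended_range() {
    [ "$1" -ge 10000 ] && [ "$1" -le 65535 ]
}

# Port 22 may be commented out only when the new port is already active
# in the file and lies in the recommended range.
safe_to_drop_22() {   # usage: safe_to_drop_22 <config-file> <new-port>
    case " $(effective_ports "$1") " in
        *" $2 "*) port_in_recommended_range "$2" ;;
        *) return 1 ;;
    esac
}

# Constructed sample: the intermediate two-port configuration from step 1.
sample=$(mktemp)
printf 'Port 22\nPort 23456\n#ListenAddress 0.0.0.0\n#ListenAddress ::\n' > "$sample"
echo "listening ports: $(effective_ports "$sample")"
safe_to_drop_22 "$sample" 23456 && echo "Port 22 can be commented out"
rm -f "$sample"
```

On a live host, sshd -t checks the file for syntax errors before the restart, and sshd -T prints the effective settings, including every port.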