Linux Practical Tips
1. Modify the default remote port of the Linux system instance
This section uses CentOS 6.8 and CentOS 7.7 as examples to describe how to modify the default remote port of a Linux system instance.
-
Remotely connect and log into the Linux instance.
-
Run the following command to backup the sshd service configuration file.
cp /etc/ssh/sshd_config /etc/ssh/sshd_config_bak 复制代码
-
Modify the port number of the sshd service.
-
Run the following command to edit the sshd_config configuration file.
vim /etc/ssh/sshd_config 复制代码
-
Press the key on the
i
keyboard enter the editing state. -
Add a new remote service port.
This section uses port 1022 as an example.
Port 22
Enter belowPort 1022
. -
Press the key on the
Esc
keyboard , enter :wq and save and exit the editing state.
-
-
Run the following command to restart the sshd service. After restarting the sshd service, you can log in to the Linux instance through SSH on port 1022.
-
CentOS 7 and above, Alibaba Cloud Linux 2:
systemctl restart sshd 复制代码
-
CentOS 6 version:
/etc/init.d/sshd restart 复制代码
-
-
Optional: Configure the firewall to allow port 1022.
If the firewall of the ECS instance is enabled, the new port needs to be released.
-
CentOS 7 and above, Alibaba Cloud Linux 2:
Firewalld is installed by default in CentOS 7 and later versions. If you have enabled firewalld.service, you need to run the following command to allow TCP port 1022.
firewall-cmd --add-port=1022/tcp --permanent 复制代码
The return result of success means that the TCP port 1022 has been released.
-
CentOS 6 version:
When using versions earlier than CentOS 7 and opening the default firewall iptables, it should be noted that iptables does not block access by default. If you have iptables rules configured, you need to run the following commands to configure the firewall.
iptables -A INPUT -p tcp --dport 1022 -j ACCEPT 复制代码
Then run the following command to restart the firewall.
service iptables restart 复制代码
-
-
Configure the instance's security group to allow TCP port 1022.
For details, see Adding Security Group Rules .
-
Use the SSH tool to connect to the new port to test for success.
Enter the modified port number in the Port text box when logging in, which is 1022 in this example.
Not finished, to be continued to add!