Server port 22 by default, this will cause a password has been cracked risk of violence, the following procedure is to replace the ssh port
1. Add the ssh port
vim /etc/ssh/sshd_config
Open the configuration file, and add the port number we want to change, then do not remove the default port 22 , so that the two ports exist, then if we directly modify the port, and then start the firewall, it will appear that we are not using a firewall ports open, resulting in we can not connect the server Let us leave the default 22. If, after the changes, no problem with the new port number, and then delete the default port no later than 22
We want to port to 2020, as shown on adding up, save and exit, and then restart the ssh service
systemctl restart sshd.service
2. Configure firewall rules
# Start the firewall systemctl Start firewalld.service # turn off the firewall systemctl STOP firewalld.service # restart firewall systemctl restart firewalld.service # View firewall status systemctl Status firewalld.service # Set boot firewall systemctl enable firewalld.service # Set the boot does not start the firewall systemctl disable firewalld.service
First start the firewall, then add firewall rules
cmd = --zone public-Firewall-Port --add = 2020 / TCP - Permanent # Description:
# 2020 open port # -Zone scope # -add-Port = 2020 / tcp # Add port, the format is: port / protocol # -permanent permanent, this argument does not restart after failure
# After the addition is complete re-read firewall rules or restart the firewall, rule takes effect # reread firewall rules firewall-cmd - reload # or restart the firewall: systemctl restart firewalld.service
Ssh 3. Disconnect the current connection, and the connection port to 2020 ssh we try to connect the modified example, if the connection is OK, we continue the steps of:
After the normal connection, at this time we can remove the default port of 22
vim /etc/ssh/sshd_config
Delete Port 22 this line, leaving only our Port 2020, and then restart the ssh service
systemctl restart sshd.service
So far, centos7 modify the default ssh port completed