欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

centos7 修改ssh远程登录端口

程序员文章站 2022-07-07 18:36:17
...

1.selinux状态

    -查看运行状态

     #sestatus

SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      28

        #setenforce [0/1]

    0 : 转成 permissive 宽容模式

    1 :转成 enforcing 强制模式

    -永久开启/关闭selinux

    #vim /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of three two values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

    SELINUX=enforcing(强制)/permissive(宽容)/disabled(关闭)

enforcing :代表SELinux正在运行中,且已经正确开始限制 domin/type 了。

permissive :代表SELinux正在运行中,不过仅会有警告信息并不会世纪限制 domin/type 的访问。这种模式可以用来作为SELinux的调试只用。

disabled :关闭,SELinux并没有实际运行。

2.semanage管理工具

    #yum install policycoreutils-python

    #yum provides semanage

2.修改ssh端口

    #vim /etc/ssh/sshd_config

# If you want to change the port on a SELinux system, you have to tell
# SELinux about this change.
# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
#
#Port 22
Port 12345
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

3.向selinux中添加ssh端口 

    #semanage port -a -t ssh_port_t -p tcp 12345

4.重启ssh服务

    #systemctl restart sshd.service