1. Setting the SELinux port
[Email protected] ~]# semanage port-l|grep ssh-bash:semanage: Command not found [[email protected] ~]# Whereis semanagesemanage:
Missing semanage, need to install Net-tools (this package also contains the ifconfig, otherwise you can only use IP addr to see ~)
[[email protected] ~]# yum install net-tools[[email protected] ~]# semanage port-l|grep ssh-bash:semanage: Command not found
After installation or prompt not found, also need to install Policycoreutils-python
[Email protected] ~]# yum-y install Policycoreutils-python
[[email protected] ~]# semanage port-l|grep sshssh_port_t TCP 22[[email protected] ~]# semanage port-a-T Ssh_po Rt_t-p TCP 12345[[email protected] ~]# semanage port-l|grep sshssh_port_t tcp 12345, 22
2. Set the port in the FIREWALLD
[[email protected] ~]# systemctl status firewalldfirewalld.service-firewalld-dynamic firewall daemon Loaded:lo aded (/usr/lib/systemd/system/firewalld.service; enabled) active:active (running) since six 2015-10-17 15:51:47 CST; 3h 5min ago Main pid:807 (FIREWALLD) CGroup:/system.slice/firewalld.service└─807/usr/bin/python-es/usr/s BIN/FIREWALLD--nofork--nopid10 Month 15:51:46 HN.KD.NY.ADSL systemd[1]: Starting firewalld-dynamic Firewall daemon ... October 15:51:47 HN.KD.NY.ADSL systemd[1]: Started firewalld-dynamic firewall daemon. [[email protected] ~]# firewall-cmd--zone=public--add-port=12345/tcp--permanentsuccess[[email Protected] ~]# firewall-cmd--query-port=12345/tcpno[[email protected] ~]# systemctl Reload Firewalld[[email protected] ~]# firewall-cmd--query-port=12345/tcpfirewalld is not running[[email protected] ~]# Firewall-cmd--query-port=12345/tcpfirewalld is not running[[email protected] ~]# systemctl start fiRewalld[[email protected] ~]# firewall-cmd--query-port=12345/tcpyes
3. Modify the port in the Sshd_config
[Email protected] ~]# Vi/etc/ssh/sshd_configport 12345
[Email protected] ~]# systemctl restart Sshd.service
4. Testing
CENTOS7 changing the sshd port via Firewalld