The default SSH port is 22, always logged in by a person scan!
Modify the default port to 2218 method:
Modify the SSH config file/etc/ssh/sshd_config, remove the comments in front of Port 22, and change the 22 to 2218
[Email protected] ~]# Whereis sshssh:/usr/bin/ssh/etc/ssh/usr/share/man/man1/ssh.1.gz[[email protected] ~]# cd/etc/s Sh[[email protected] ssh]# lltotal 272-rw-------1 root root 242153 June 9 moduli-rw-r--r--1 root root
2123 Dec 10:03 ssh_config-rw-r--r--1 root root 2123 Dec 09:55 ssh_config.bak-rw-------1 root root 4443 D EC sshd_config-rw-r-----1 root ssh_keys 227 Dec 10:02 01:29 ssh_host_ecdsa_key-rw-r--r--1 root root 162 De C ssh_host_ecdsa_key.pub-rw-r-----1 root ssh_keys 1679 Dec 01:29 01:29 ssh_host_rsa_key-rw-r--r--1 root root
382 Dec 01:29 ssh_host_rsa_key.pub[[email protected] ssh]# nano sshd_config
Modify Iptables Firewall:/etc/sysconfig/iptables
#-a input-p tcp-m State--state new-m TCP--dport 22-j ACCEPT
Switch
#-a input-p tcp-m State--state new-m TCP--dport 22-j accept-a input-p tcp-m State--state new-m TCP--dport 2218 -j ACCEPT
Save exit
Restart Iptables
[[email protected] sysconfig]# systemctl stop iptables[[email protected] sysconfig]# systemctl start iptables[[ Email protected] sysconfig]# systemctl status Iptablesiptables.service-ipv4 firewall with Iptables loaded:loaded (/usr/lib/systemd/system/iptables.service; enabled) Active:active (exited) since Thu 2014-12-18 10:11:13 EST; 5s ago process:24537 execstop=/usr/libexec/iptables/iptables.init Stop (code=exited, status=0/success) process:24605 E Xecstart=/usr/libexec/iptables/iptables.init Start (code=exited, status=0/success) Main pid:24605 (code=exited, status=0/success) Dec 10:11:13 Niche systemd[1]: Starting IPV4 firewall with iptables ... Dec 10:11:13 Niche iptables.init[24605]: iptables:applying firewall rule ...] Dec 10:11:13 Niche systemd[1]: Started IPv4 Firewall with iptables. Hint:some lines were ellipsized, use-l to show in full.
Restart sshd
[Email protected] sysconfig]# systemctl status sshdsshd.service-openssh Server daemon loaded:loaded (/usr/lib/system D/system/sshd.service; Enabled) active:active (running) since Thu 2014-12-18 10:05:25 EST; 6min ago process:24469 Execstartpre=/usr/sbin/sshd-keygen (code=exited, status=0/success) Main pid:24470 (sshd) CGrou P:/system.slice/sshd.service└─24470/usr/sbin/sshd-ddec 10:05:25 niche systemd[1]: starting OpenSSH server Daemon ... Dec 10:05:25 Niche systemd[1]: Started OpenSSH server daemon. Dec 10:05:25 Niche sshd[24470]: server listening on 0.0.0.0 port 2271.Dec 10:05:25 niche sshd[24470]: server Listeni Ng on:: Port 2271.Dec 10:06:20 niche sshd[24476]: Accepted password-root from 113.99.1...h2dec 10:07:03 niche s SHD[24503]: Accepted password for root from 113.99.1...h2hint:some lines were ellipsized, use-l to show in full.
by [email protected], Welcome to Exchange!
Centos7 Modify the SSH port!