How to modify the default SSH port in CentOS

The Builder developer online CentOS modifies the default SSH Port. if the connection is successful, edit the settings of sshd_config again and delete Port22. The reason for setting two ports first and closing one after the test is successful is to change the conf to allow access in case of unknown situations such as disconnection, network disconnection, and misoperation.

The Builder developer online CentOS modifies the default SSH Port. if the connection is successful, edit the settings of sshd_config again and delete Port22. The reason for setting two ports first and then disabling one after the test is successful is to prevent unknown situations such as disconnection, network disconnection, and misoperation during the conf modification process, you can also connect to the debugging through another port to prevent connection failures and contact the data center for debugging, which makes the problem more complicated and troublesome.

First, modify the configuration file.

Vi/etc/ssh/sshd_config

Find the section # Port 22, which indicates that Port 22 is used by default and changed to the following:

Port 22

Port 800

Save and exit

Run/etc/init. d/sshd restart

In this way, the SSH Port will work on both 22 and 800.

Now edit the firewall configuration: vi/etc/sysconfig/Iptables

Port 800 is enabled.

Run/etc/init. d/iptables restart

Now, use the ssh tool to connect to port 800 to test whether the connection is successful.

If the connection is successful, edit the settings of sshd_config again and delete Port22.

The reason for first setting two ports and then closing one after the test is successful is to modify the conf,

In case of unknown situations such as disconnection, network disconnection, and misoperation, you can connect to another port for debugging.

In order to avoid connection failure, you must contact the data center for debugging, which makes the problem more complicated and troublesome.

To enhance security

First, add a user with normal permissions:

# Useradd uploader

# Passwd uploader

// Set the password

The production machine prohibits ROOT remote SSH login:

# Vi/etc/ssh/sshd_config

Set

PermitRootLogin yes

Change

PermitRootLogin no

Restart sshd service

# Service sshd restart

Log on to the remote management console using uploader, and use su root to switch to the root user to obtain the highest permissions.

Modifying a common user has the root permission

1) enter the superuser mode. That is, enter "su-". The system will ask you to enter the superuser password and enter the password to enter the superuser mode. (Of course, you can also use root)

2) add the write permission for the file. That is, enter the command "chmod u + w/etc/sudoers ".

3) edit the/etc/sudoers file. That is, enter the command "vim/etc/sudoers", enter "I" to enter the editing mode, and find this line: "root ALL = (ALL) ALL "add" xxx ALL = (ALL) ALL "(here xxx is your user name), save it (that is, press Esc first, and then enter ": wq ") quit.

4) revoke the write permission of a file. That is, enter the command "chmod u-w/etc/sudoers ".