sshのポート番号の変更

sshのポート番号を22から1234に変更する例

  • /etc/ssh/sshd_configを修正(コメントアウトされているPort行を有効にして1234に変更する。編集後に sshd -t で構文エラーがないことを確認しておくと、再起動時の失敗を防げる)
#Port 22
↓
Port 1234
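  • SELinuxの設定(sshdが新しいポートで待ち受けできるよう、再起動の前に1234/tcpへssh_port_tラベルを追加する。semanageはpolicycoreutils-pythonに含まれる。RHEL/CentOS 8以降ではパッケージ名がpolicycoreutils-python-utilsになる)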
# yum install policycoreutils-python
# semanage port -a -t ssh_port_t -p tcp 1234
# semanage port -l | grep ssh
# systemctl restart sshd
# ps auxw | grep sshd
# ss -t -l -n
  • firewalldの設定
    /usr/lib/firewalld/services/ssh.xmlを元にして、portを1234に書き換えた/etc/firewalld/services/ssh-alt.xmlを作る(ファイル名のssh-altがそのままサービス名になる)
    <?xml version="1.0" encoding="utf-8"?>
    <!-- Custom firewalld service definition, saved as /etc/firewalld/services/ssh-alt.xml and referenced as "ssh-alt". -->
    <service>
      <!-- Human-readable label and description, kept as in the stock /usr/lib/firewalld/services/ssh.xml. -->
      <short>SSH</short>
      <description>Secure Shell (SSH) is a protocol for logging into and executing commands on remote machines. It provides secure encrypted communications. If you plan on accessing your machine remotely via SSH over a firewalled interface, enable this option. You need the openssh-server package installed for this option to be useful.</description>
      <!-- Only TCP 1234 is opened; keep this in sync with Port in /etc/ssh/sshd_config and with the port labelled ssh_port_t via semanage. -->
      <port protocol="tcp" port="1234"/>
    </service>

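    以下のコマンドを実行(最初の--reloadで新しいサービス定義を読み込む。ssh-altを追加した時点で、現在のsshセッションを切断せずに別の端末からポート1234で接続できることを確認し、その後で従来のsshサービスを削除する)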

    # firewall-cmd --reload
    # firewall-cmd --add-service=ssh-alt
    # firewall-cmd --permanent  --add-service=ssh-alt
    # firewall-cmd --remove-service=ssh
    # firewall-cmd --permanent --remove-service=ssh
    # firewall-cmd --list-all
    # firewall-cmd --reload
    # firewall-cmd --list-all