• Centos 7 修改SSH默认端口

    centos 7 修改ssh默认端口后,远程连不上了,查了资料,稍微总结一下。
    step1 修改/etc/ssh/sshd_config
    vi /etc/ssh/sshd_config
    #Port 22         //这行去掉#号
    Port 20000      //下面添加这一行

    step2 修改SELinux
    使用以下命令查看当前SElinux 允许的ssh端口:
    semanage port -l | grep ssh

    添加20000端口到 SELinux
    semanage port -a -t ssh_port_t -p tcp 20000

    然后确认一下是否添加进去
    semanage port -l | grep ssh
    如果成功会输出
    ssh_port_t                    tcp    20000, 22
    我一般是禁用selinux

    step3 禁用centos 7的默认防火墙firewalld
    $ systemctl stop firewalld.service ### - stop firewall daemon
    $ systemctl disable firewalld.service ### - stop firewall daemon being start at start-up

    $ systemctl enable iptables.service ### - start IPtable service
    https://www.centos.org/forums/viewtopic.php?f=50&t=49250

    step4启用老的iptables防火墙
    vi /etc/sysconfig/iptables
    增加一行
    -A INPUT -p tcp -m state --state NEW -m tcp --dport 20000 -j ACCEPT

    step5 重启ssh
    systemctl restart sshd.service

    http://blog.csdn.net/jasper_success/article/details/38537049

    注意要sshd放在最后一步重新启动,如果上面的步骤不设置好,远程就挂了。






    备注:  http://ludihua.blog.51cto.com/4601284/1438488

    添加20000端口到 SELinux
    semanage port -a -t ssh_port_t -p tcp 20000

    libsemanage.semanage_get_lock: Could not get direct transaction lock at /etc/selinux/targeted/modules/semanage.trans.LOCK. (Resource temporarily unavailable).

    Could not change policy booleans



    [root@localhost ~]# setsebool -P samba_export_all_rw on

    libsemanage.semanage_get_lock: Could not get direct transaction lock at /etc/selinux/targeted/modules/semanage.trans.LOCK. (Resource temporarily unavailable).

    Could not change policy booleans

    报错信息如上,仔细看了下报错,不能直接锁定xxx文件然后我把/etc/selinux/targeted/modules/semanage.trans.LOCK移动到其他地方试了下,我擦,它好了,不知道什么情况,

    [root@localhost modules]# ls

    active  semanage.read.LOCK  semanage.trans.LOCK  tmp

    [root@localhost modules]# cat semanage.trans.LOCK

    [root@localhost modules]# mv semanage.trans.LOCK ../

    [root@localhost modules]# ls

    active  semanage.read.LOCK  tmp

    [root@localhost modules]# setsebool -P samba_export_all_rw on

    [root@localhost modules]# getsebool -a |grep samba

    samba_create_home_dirs --> off

    samba_domain_controller --> off

    samba_enable_home_dirs --> off

    samba_export_all_ro --> off

    samba_export_all_rw --> on

    samba_portmapper --> off

    samba_run_unconfined --> off

    samba_share_fusefs --> off

    samba_share_nfs --> off

    sanlock_use_samba --> off

    use_samba_home_dirs --> off

    virt_use_samba --> off
  • 相关阅读:
    关于SQLServer数据库中字段值为NULL,取出来该字段放在DataTable中,判断datatable中该字段值是否为NULL的三种方法
    关于web程序中使用KindEditor向数据库插入带有格式的数据时出现的问题
    使用再生龙对ubuntu16.04系统完全备份与还原
    mysql数据库操作指令汇总
    ubuntu安装supervisor以及使用supervisor启动.net core进程
    c#小数取整
    nuget.server搭建及实际测试
    mysql主从同步+mycat读写分离+.NET程序连接mycat代理
    EasyNVR-流媒体服务详解
    Js实现子窗体给父窗体的元素赋值
  • 原文地址:https://www.cnblogs.com/smallfa/p/4920561.html
Copyright © 2020-2023  润新知