Procedure For modifying an SSH port (Centos7) :
Step1 modify/etc/SSH/sshd_config
vi /etc/ssh/sshd_config
Port 22 // Remove # from this line, in case the configuration is not good and remote login can not be done, you have to go to the machine room to modify, after the modified Port can be used after the comment out
Port 20000 // Add this line below
Step2 modify firewall configurations
Firewall Add the SSH port to be modified.
Firewall-cmd –zone=public –add-port=20000/ TCP –permanent
If no, run systemctl start firewalld to start the system
reload firewall:
firewall-cmd –reload
Check whether the port is added successfully. If yes is displayed, otherwise no is displayed
firewall-cmd –zone=public –query-port=20000/tcp
If ali Cloud is used, you need to configure security group rules
Step3 modify SELinux
Use the following command to view the SSH ports currently allowed by SElinux:
semanage port -l | grep ssh
Semanage Command not found in Linux
Run: yum provides /usr/sbin/semanage or yum Whatprovides /usr/sbin/semanage
Yum -y install policycoreutils-python
If SELinux is not enabled, enable it first
Check SELinux status:
/usr/sbin/sestatus -v ## If SELinux status is enabled, SELinux is enabled
SELinux status: enabled
Open the SELinux
Modify the /etc/selinux/config file
Change SELINUX=disabled to SELINUX=enforcing
Just reboot the machine.
Add port 20000 to SELinux
semanage port -a -t ssh_port_t -p tcp 20000
And then make sure you add it
semanage port -l | grep ssh
Output if successful
ssh_port_t tcp 20000, 22
Step4 restart SSH
systemctl restart sshd.service
Step5 test the SSH connection of the new port
Test SSH connection after port modification, if successful, comment out port 22 in step1.