修改linux debian10 ssh默认22端口为自定义安全端口
连上SSH后,我们修改访问端口的文件为 /etc/ssh/sshd_config
vi /etc/ssh/sshd_config找到#Port 22这一段,把#号去掉即可,在这一段下面新加一段,Port 3088
root@:~# vi /etc/ssh/sshd_config
# $OpenBSD: sshd_config,v 1.100 2016/08/15 12:32:04 naddy Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options override the
# default value.
Port 22
Port 3088
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
:wq 保存
wq保存后,重启SSH服务
使用
etc/init.d/sshd restart
或者
service sshd restart 如果无法访问,centos需要关闭iptables,debian忽略这里
使用
/etc/init.d/iptables stop
或者
service iptables stop
不关闭防火墙则需要新增一条方行通过3088端口的策略
vi /etc/sysconfig/iptables
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3088 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
版权声明:
作者:ivpsr.com
链接:https://ivpsr.com/240.html
文章版权归作者所有,未经允许请勿转载。
THE END
