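Configuring SSH to listen on multiple ports on CentOS 7
1. Change the default SSH port to guard against brute-force attacks and make the system a little more secure:
i. Edit the configuration file /etc/ssh/sshd_config:
    Port 5522
    #AddressFamily any
    #ListenAddress 0.0.0.0
    #ListenAddress ::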
ii. Then restart sshd:
    [root@localhost ~]# systemctl restart sshd
iii. With a custom port, restarting sshd may fail with the following error:
    [root@localhost ~]# systemctl restart sshd
    Job for sshd.service failed because the control process exited with error code. See "systemctl status sshd.service" and "journalctl -xe" for details.
The details are as follows:
    [root@localhost ~]# journalctl -xe
    --
    -- Unit sshd.service has failed.
    --
    -- The result is failed.
    Jul 19 22:39:08 localhost.localdomain systemd[1]: Unit sshd.service entered failed state.
    Jul 19 22:39:08 localhost.localdomain systemd[1]: sshd.service failed.
    Jul 19 22:39:08 localhost.localdomain polkitd[695]: Unregistered Authentication Agent for unix-process:3128:1153611
    Jul 19 22:39:38 localhost.localdomain polkitd[695]: Registered Authentication Agent for unix-process:3140:1156691 (s
    Jul 19 22:39:38 localhost.localdomain systemd[1]: Starting OpenSSH server daemon...
    -- Subject: Unit sshd.service has begun start-up
    -- Defined-By: systemd
    -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
    --
    -- Unit sshd.service has begun starting up.
    Jul 19 22:39:38 localhost.localdomain sshd[3146]: error: Bind to port 5522 on 0.0.0.0 failed: Permission denied.
    Jul 19 22:39:38 localhost.localdomain sshd[3146]: error: Bind to port 5522 on :: failed: Permission denied.
    Jul 19 22:39:38 localhost.localdomain sshd[3146]: fatal: Cannot bind any address.
    Jul 19 22:39:38 localhost.localdomain systemd[1]: sshd.service: main process exited, code=exited, status=255/n/a
    Jul 19 22:39:38 localhost.localdomain systemd[1]: Failed to start OpenSSH server daemon.
    -- Subject: Unit sshd.service has failed
    -- Defined-By: systemd
    -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
    --
    -- Unit sshd.service has failed.
    --
    -- The result is failed.
    Jul 19 22:39:38 localhost.localdomain systemd[1]: Unit sshd.service entered failed state.
    Jul 19 22:39:38 localhost.localdomain systemd[1]: sshd.service failed.
    Jul 19 22:39:38 localhost.localdomain polkitd[695]: Unregistered Authentication Agent for unix-process:3140:1156691
iv. Solution: disable SELinux.
    # Disable temporarily
    [root@localhost ~]# setenforce 0
    # Disable permanently
    [root@localhost ~]# vim /etc/selinux/config
    -------------------- edit the configuration ------------------------
    SELINUX=disabled
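v. Check that it worked
Note: if sshd restarts without any error but the port check shows the change has not taken effect, that is also related to SELinux; set it to disabled.
    [root@localhost ~]# netstat -ntlp | grep sshd
    tcp        0      0 0.0.0.0:5522      0.0.0.0:*      LISTEN      3166/sshd
    tcp6       0      0 :::5522           :::*           LISTEN      3166/sshd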
2. Configure sshd to listen on multiple ports
Note: the Port 5522 line above must be commented out, and ListenAddress lines added instead.
    [root@localhost ~]# vim /etc/ssh/sshd_config
    ---------------- configuration as follows ----------------
    #Port 5522
    #AddressFamily any
    #ListenAddress 0.0.0.0
    #ListenAddress ::
    ListenAddress 0.0.0.0:22
    ListenAddress 0.0.0.0:5522
Restart sshd:
    [root@localhost ~]# systemctl restart sshd
Check that it worked:
Note: if the configuration does not take effect, check whether SELinux is disabled.
    [root@localhost ~]# netstat -ntlp | grep sshd
    tcp        0      0 0.0.0.0:5522      0.0.0.0:*      LISTEN      3323/sshd
    tcp        0      0 0.0.0.0:22        0.0.0.0:*      LISTEN      3323/sshd
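Added example (not part of the original post): the "Permission denied" bind error in step iii comes from SELinux allowing sshd to bind only to ports labelled ssh_port_t, so an alternative to disabling SELinux in step iv is to label the custom port and leave SELinux enforcing. The script below reports which ports named in sshd_config still lack that label and prints the semanage command for each; the function names and both sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Added example: report sshd ports missing the SELinux ssh_port_t label.

# Constructed sample input: the multi-port sshd_config from section 2.
SAMPLE_CONFIG='#Port 5522
#ListenAddress ::
ListenAddress 0.0.0.0:22
ListenAddress 0.0.0.0:5522'
# Constructed sample of the ssh_port_t line from `semanage port -l`.
SAMPLE_SEMANAGE='ssh_port_t                     tcp      22'

# stdin: sshd_config text. Prints every port named by Port or ListenAddress.
sshd_ports() {
  awk '
    { sub(/#.*/, "") }                               # strip comments
    tolower($1) == "port" && $2 ~ /^[0-9]+$/ { print $2 }
    tolower($1) == "listenaddress" &&
      ($2 ~ /\]:[0-9]+$/ || $2 ~ /^[^:]+:[0-9]+$/) { # [v6]:port or host:port
        n = split($2, a, ":"); print a[n]
    }' | sort -nu
}

# stdin: `semanage port -l` output. Prints TCP ports labelled ssh_port_t,
# expanding ranges such as 8000-8002.
labelled_ssh_ports() {
  awk '$1 == "ssh_port_t" && $2 == "tcp" {
    for (i = 3; i <= NF; i++) {
      gsub(/,/, "", $i)
      n = split($i, r, "-")
      for (p = r[1]; p <= r[n]; p++) print p
    }
  }'
}

# $1 = sshd_config text, $2 = semanage listing. Prints unlabelled ports.
unlabelled_ports() {
  labelled=$(printf '%s\n' "$2" | labelled_ssh_ports)
  for p in $(printf '%s\n' "$1" | sshd_ports); do
    printf '%s\n' "$labelled" | grep -qx "$p" || echo "$p"
  done
}

# Prints (does not run) the labelling command for each unlabelled port.
fix_commands() {
  for p in $(unlabelled_ports "$1" "$2"); do
    echo "semanage port -a -t ssh_port_t -p tcp $p"
  done
}

fix_commands "$SAMPLE_CONFIG" "$SAMPLE_SEMANAGE"
```

On a real host, pass the contents of /etc/ssh/sshd_config and the output of semanage port -l instead of the samples, run the printed commands as root, then restart sshd.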
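Done!
Author: 神奇二进制
Source: https://www.cnblogs.com/l-hh/
Copyright of this article is shared by the author and cnblogs (博客园). Reposting is welcome, but unless the author agrees otherwise this notice must be retained and a link to the original article placed prominently on the page; otherwise the right to pursue legal liability is reserved.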