阿里云ECS服务器更改了SSH端口后的相关操作

 

 

ECS服务器内查看SSH端口(已被更改的

[root@test ~]# grep ^Port /etc/ssh/sshd_config 
Port 56866
[root@test ~]# netstat -lntup|grep sshd
tcp        0      0 0.0.0.0:56866           0.0.0.0:*               LISTEN      721/sshd

 

ECS服务器控制台--安全组规则

    

 

此时,在客户端 Windows 下使用 telnet 到该云服务器的 56866 端口,发现不通。

检查 阿里云ECS服务器的 防火墙。

 

ECS服务器查看防火墙的设置

修改前:

[root@test ~]# service iptables status
Redirecting to /bin/systemctl status  iptables.service
● iptables.service - IPv4 firewall with iptables
   Loaded: loaded (/usr/lib/systemd/system/iptables.service; enabled; vendor preset: disabled)
   Active: active (exited) since Tue 2019-11-26 09:38:26 CST; 9min ago
  Process: 1189 ExecStop=/usr/libexec/iptables/iptables.init stop (code=exited, status=0/SUCCESS)
  Process: 1240 ExecStart=/usr/libexec/iptables/iptables.init start (code=exited, status=0/SUCCESS)
 Main PID: 1240 (code=exited, status=0/SUCCESS)

Nov 26 09:38:26 test systemd[1]: Starting IPv4 firewall with iptables...
Nov 26 09:38:26 test iptables.init[1240]: iptables: Applying firewall rules: [  OK  ]
Nov 26 09:38:26 test systemd[1]: Started IPv4 firewall with iptables.

[root@51youjihui ~]# iptables -L -n
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:22
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:80
REJECT     all  --  0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
REJECT     all  --  0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

 

修改后:

[root@test~]# iptables -L -n
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:56866
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:80
REJECT     all  --  0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
REJECT     all  --  0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

 

 

 

posted on 2019-11-26 09:52  morgan363  阅读(1447)  评论(0编辑  收藏  举报

导航