ssh 修改端口号 --centos 7

1 vim /etc/ssh/sshd_config

Port   XXXXX

#XXXXX 为要修改的端口号，默认是22，直接在新的行添加Port   XXXXX即可。

2 systemctl restart sshd

 

常见问题，修改后重启失败

 

1 执行提示 journalctl -xe

SELinux is preventing /usr/sbin/httpd from name_bind access on the tcp_socket port XXX

执行  semanage port -a -t ssh_port_t -p tcp XXXXX 

---如果提示XXXXX 已经存在了

执行

semanage port -m -t ssh_port_t -p tcp XXXXX

-a 是添加，-m 是修改。

#XXXXX 为要添加的端口号。

添加时如果提示如下：

libsemanage.semanage_get_lock: Could not get direct read lock at /etc/selinux/targeted/semanage.read.LOCK. (Resource temporarily unavailable).
libsemanage.enter_ro: could not get the active lock (Resource temporarily unavailable).
libsemanage.enter_ro: could not enter read-only section (Resource temporarily unavailable).

执行

mv /etc/selinux/targeted/semanage.trans.LOCK /etc/selinux/targeted/semanage.trans.LOCK.back

如果提示如下

libsemanage.semanage_get_lock: Could not get direct read lock at /etc/selinux/targeted/semanage.read.LOCK. (Resource temporarily unavailable).
libsemanage.enter_ro: could not get the active lock (Resource temporarily unavailable).
libsemanage.enter_ro: could not enter read-only section (Resource temporarily unavailable).

mv /etc/selinux/targeted/semanage.read.LOCK /etc/selinux/targeted/semanage.read.LOCK2

再次执行  semanage port -a -t ssh_port_t -p tcp XXXXX 

semanage port -l |grep  XXXXX

如果添加成功，重启sshd就可以了。