修改ssh端口号之后报错：error: Bind to port xxxx on 0.0.0.0 failed: Permission denied.

报错内容：

[root@BabyishRecent-VM ~]# vi /etc/ssh/sshd_config 
[root@BabyishRecent-VM ~]# systemctl restart sshd
Job for sshd.service failed because a configured resource limit was exceeded. See "systemctl status sshd.service" and "journalctl -xe" for details.
[root@BabyishRecent-VM ~]# journalctl -xe
error: Bind to port 3389 on :: failed: Permission denied.
d[25004]: error: Bind to port 3389 on 0.0.0.0 failed: Permission denied.
d[25004]: fatal: Cannot bind any address

查了一下，是selinux的问题，最简单的办法是关了selinux。

但是，想要开启selinux，并修改sshd的端口，需要把要添加的sshd服务端口在selinux上注册。

1、安装semanage

yum -y install policycoreutils-python

2、查看selinux中sshd当前的端口

semanage port -l | grep ssh

3、在selinux中添加端口

[root@BabyishRecent-VM ~]# semanage port -a -t ssh_port_t -p tcp 3389 
[root@BabyishRecent-VM ~]# semanage port -l | grep ssh 
ssh_port_t tcp 3389, 22

4、重启sshd服务

[root@BabyishRecent-VM ~]# systemctl restart sshd
[root@BabyishRecent-VM ~]# netstat -tunlp |grep sshd
tcp 0 0 0.0.0.0:3389 0.0.0.0:* LISTEN 25333/sshd
tcp6 0 0 :::3389 :::* LISTEN 25333/sshd

5、防火墙放行修改后的端口

[root@BabyishRecent-VM ~]# firewall-cmd --add-port=3389/tcp --permanent
success
[root@BabyishRecent-VM ~]# firewall-cmd --reload
success

 

注：

转载自https://blog.csdn.net/qq_42734759/article/details/90021249