centos7 修改默認ssh端口 22

默認ssh端口爲 22，總是被人掃描登錄！

修改默認端口爲39999的方法：

修改ssh配置文件 /etc/ssh/sshd_config，將裏面的 Port 22前面的註釋去掉，將22修改爲 39999

[root@niche ~]# whereis ssh
ssh: /usr/bin/ssh /etc/ssh /usr/share/man/man1/ssh.1.gz

[root@niche ~]# cd /etc/ssh
[root@niche ssh]# ll
total 272
-rw------- 1 root root     242153 Jun  9  2014 moduli
-rw-r--r-- 1 root root       2123 Dec 18 10:03 ssh_config
-rw-r--r-- 1 root root       2123 Dec 18 09:55 ssh_config.bak
-rw------- 1 root root       4443 Dec 18 10:02 sshd_config
-rw-r----- 1 root ssh_keys    227 Dec 16 01:29 ssh_host_ecdsa_key
-rw-r--r-- 1 root root        162 Dec 16 01:29 ssh_host_ecdsa_key.pub
-rw-r----- 1 root ssh_keys   1679 Dec 16 01:29 ssh_host_rsa_key
-rw-r--r-- 1 root root        382 Dec 16 01:29 ssh_host_rsa_key.pub

[root@niche ssh]# vi sshd_config
#Port 端口改爲39999

修改iptables 防火牆：/etc/sysconfig/iptables

將 -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT

改爲-A INPUT -p tcp -m state --state NEW -m tcp --dport 39999-j ACCEPT

保存退出

重啓iptables

[root@niche sysconfig]# systemctl start iptables
[root@niche sysconfig]# systemctl status iptables
iptables.service - IPv4 firewall with iptables
   Loaded: loaded (/usr/lib/systemd/system/iptables.service; enabled)
   Active: active (exited) since Thu 2014-12-18 10:11:13 EST; 5s ago
  Process: 24537 ExecStop=/usr/libexec/iptables/iptables.init stop (code=exited,
 status=0/SUCCESS)
  Process: 24605 ExecStart=/usr/libexec/iptables/iptables.init start (code=exite
d, status=0/SUCCESS)
 Main PID: 24605 (code=exited, status=0/SUCCESS)

Dec 18 10:11:13 niche systemd[1]: Starting IPv4 firewall with iptables...
Dec 18 10:11:13 niche iptables.init[24605]: iptables: Applying firewall rule...]
Dec 18 10:11:13 niche systemd[1]: Started IPv4 firewall with iptables.
Hint: Some lines were ellipsized, use -l to show in full

重啓sshd

[root@niche sysconfig]# systemctl status sshd  
sshd.service - OpenSSH server daemon  
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled)  
   Active: active (running) since Thu 2014-12-18 10:05:25 EST; 6min ago  
  Process: 24469 ExecStartPre=/usr/sbin/sshd-keygen (code=exited, status=0/SUCCE  
SS)  
 Main PID: 24470 (sshd)  
   CGroup: /system.slice/sshd.service  
           └─24470 /usr/sbin/sshd -D  

Dec 18 10:05:25 niche systemd[1]: Starting OpenSSH server daemon...  
Dec 18 10:05:25 niche systemd[1]: Started OpenSSH server daemon.  
Dec 18 10:05:25 niche sshd[24470]: Server listening on 0.0.0.0 port 2271.  
Dec 18 10:05:25 niche sshd[24470]: Server listening on :: port 2271.  
Dec 18 10:06:20 niche sshd[24476]: Accepted password for root from 113.99.1...h2  
Dec 18 10:07:03 niche sshd[24503]: Accepted password for root from 113.99.1...h2  
Hint: Some lines were ellipsized, use -l to show in full.  

轉至http://blog.csdn.net/default7/article/details/42015409