首先 先做的就是 修改ssh的默认端口22
需要修改文件
/etc/ssh/sshd_config
使用命令
vi /etc/ssh/sshd_config
[[email protected] ~]# vi /etc/ssh/sshd_config # $OpenBSD: sshd_config,v 1.90 2013/05/16 04:09:14 dtucker Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. # This sshd was compiled with PATH=/usr/local/bin:/usr/bin # The strategy used for options in the default sshd_config shipped with # OpenSSH is to specify options with their default value where # possible, but leave them commented. Uncommented options override the # default value. # If you want to change the port on a SELinux system, you have to tell # SELinux about this change. # semanage port -a -t ssh_port_t -p tcp #PORTNUMBER # Port 48489 #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress :: # The default requires explicit activation of protocol 1 #Protocol 2 # HostKey for protocol version 1 #HostKey /etc/ssh/ssh_host_key # HostKeys for protocol version 2 HostKey /etc/ssh/ssh_host_rsa_key #HostKey /etc/ssh/ssh_host_dsa_key HostKey /etc/ssh/ssh_host_ecdsa_key # Lifetime and size of ephemeral version 1 server key #KeyRegenerationInterval 1h #ServerKeyBits 1024 # Ciphers and keying #RekeyLimit default none # Logging # obsoletes QuietMode and FascistLogging #SyslogFacility AUTH SyslogFacility AUTHPRIV #LogLevel INFO # Authentication: #LoginGraceTime 2m #PermitRootLogin yes #StrictModes yes #MaxAuthTries 6 #MaxSessions 10 #RSAAuthentication yes #PubkeyAuthentication yes # The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 # but this is overridden so installations will only check .ssh/authorized_keys AuthorizedKeysFile .ssh/authorized_keys #AuthorizedPrincipalsFile none #AuthorizedKeysCommand none
先做就完成了 端口的修改 然后就需要让防火墙通过这个端口
centos 7 默认使用的 是 firewalld 所以先看看是否运行
firewall-cmd --state
然后看下 先做默认通过的端口都有哪些
查看端口 规则
firewall-cmd --permanent --list-port
刚才测试 添加了 端口 现在删除这个端口 参数--permanent 是永久配置 机子重启依然有效
删除端口
firewall-cmd --permanent --remove-port=48489/tcp
添加端口 到防火墙例外
firewall-cmd --permanent --zone=public --add-port=48489/tcp
然后通过putty ssh连接软件链接一下就好了~
firewalld 参考资料
http://blog.csdn.net/smstong/article/details/39317277
时间: 2024-11-07 05:26:09