linux 更改ssh端口_如何在Linux中更改SSH端口-简易指南

linux 更改ssh端口

The default port on SSH is 22. But for security reasons, it’s a good idea to change SSH port in Linux. We’ll discuss why it’s necessary and how to make the change in a step by step manner.

SSH上的默认端口为22。但是出于安全原因，在Linux中更改SSH端口是一个好主意。 我们将逐步讨论为什么有必要，以及如何进行更改。

Requirements:

要求：

• SSH Server
  SSH服务器
• Text Editor
  文本编辑器
• Sudo Privileges
  须藤特权
• 5 minutes of time
  5分钟的时间

This is a very quick and straightforward tutorial owing to the simplicity of the SSH server configuration file.

由于SSH服务器配置文件的简单性，这是一个非常快速和直接的教程。

在Linux中更改SSH端口的步骤 (Steps To Change SSH Port in Linux)

Let’s get right into the crux of the tutorial first and then move on to understand why we’d even need to change the port in the first place.

首先让我们直接进入本教程的重点，然后继续理解为什么我们首先需要更改端口。

1.选择正确的SSH端口 (1. Choose the Right SSH Port)

Ports are networking endpoints that decide where a data packet should be delivered. Based on the port number, the correct application on an Operating System receives the requested package.

端口是网络端点，用于确定应将数据包传递到何处。 根据端口号，操作系统上的正确应用程序将收到请求的程序包。

Out of those 65535 ports, the first 1023 ports are reserved for well-known services and 1024 to 49151 ports are registered ports. What’s left for us to play around with are the ephemeral ports which range from 49152 to 65535.

在这65535个端口中，前1023个端口保留用于知名服务，而1024至49151个端口是已注册的端口。 剩下的就是临时端口，范围从49152到65535。

To know the list of known ports: Wikipedia Page on Ports and How to Open ports on Linux

要了解已知端口的列表： 关于端口的维基百科页面以及如何在Linux上打开端口

2.查找SSH服务器在哪个端口上处于活动状态 (2. Find Which Port the SSH Server is Active on)

We’ll run the netstat utility to show us the port that SSH server is currently active on.

我们将运行netstat实用程序，向我们显示SSH服务器当前处于活动状态的端口。

root@ubuntu:~# netstat -tlpn

Netstat to Find Ssh Port

Netstat查找Ssh端口

As you can see in the Local Address column, the row across to 628/sshd says 0.0.0.0:22 which confirms that the listening port is 22 for our SSH server.

如您在“ 本地地址”列中所看到的，628 / sshd上的行表示0.0.0.0:22 ，这确认我们的SSH服务器的侦听端口为22。

3.在sshd_config文件中更改SSH端口 (3. Change SSH Port in the sshd_config File)

Now that we know we’re still listening to the default port for SSH connections, we can go ahead and change it.

现在我们知道我们仍在侦听SSH连接的默认端口，我们可以继续进行更改。

All we need to do is simply edit one line in the /etc/ssh/sshd_config file. Use any of your favorite terminal text editors to open the file with sudo privileges.

我们所需要做的只是在/ etc / ssh / sshd_config文件中编辑一行。 使用任何您喜欢的终端文本编辑器以sudo权限打开文件。

root@ubuntu:~# nano /etc/ssh/sshd_config

I haven’t used sudo since I’m already on a root account.

我没有使用sudo，因为我已经是root用户了。

Once the file is open, look for a line that says #Port 22. This is where the magic happens. Since this line is commented by default, it uses the default port that is 22. All we need to do is uncomment the line and change the port number.

打开文件后，寻找显示#Port 22的行 。 这就是魔术发生的地方。 由于默认情况下此行已注释，因此它使用的默认端口为22。我们要做的就是取消注释该行并更改端口号。

Editing SSH Port

编辑SSH端口

Now for demonstration purposes, I’ve selected 50000 as the port number for SSH. Once you’ve edited the port number as per your requirements, you can now save the file and move to the next step.

现在出于演示目的，我选择了50000作为SSH的端口号。 根据需要编辑端口号后，现在可以保存文件并转到下一步。

4.重新启动SSH服务并检查更新的端口 (4. Restart SSH Service and Check Updated Port)

Saved the file? Great, let’s restart SSH Server and run the same netstat command once again to check if the port was updated.

保存文件？ 很好，让我们重新启动SSH Server并再次运行相同的netstat命令以检查端口是否已更新。

Run the below commands to get SSH server to restart and then run the netstat command again.

运行以下命令以使SSH服务器重新启动，然后再次运行netstat命令。

root@ubuntu:~# service sshd restart
root@ubuntu:~# netstat -tlpn

Ssh Updated Port

SSH更新的端口

You’re all set up now with a new SSH port that the SSH server is listening on.

现在，您已经全部设置好了SSH服务器正在侦听的新SSH端口。

为什么要更改Linux上的默认SSH端口？ (Why Change Default SSH Port on Linux?)

If you read through the Wikipedia article or through the tutorial on opening ports in Linux you’ll know that if your server has port 22 open, it’s very obvious that your server is listening for SSH connections.

如果您通读Wikipedia文章或有关在Linux中打开端口的教程，您会知道，如果服务器打开了端口22，则很明显，您的服务器正在侦听SSH连接。

Hackers are always on a lookout for servers that broadcast their open ports. And if they can identify the service behind the port because the default port number is used, things become much easier for them.

黑客总是在寻找广播其开放端口的服务器。 而且由于使用默认端口号，如果他们可以识别端口后面的服务，则对他们而言，事情变得容易得多。

REMEMBER: Changing the port will not secure your server from attacks but it will make it less obvious for a hacker.

谨记：更改端口不会使服务器免受攻击，但对于黑客而言，它将变得不那么明显。

结论 (Conclusion)

This was it for our short tutorial on changing SSH ports. I hope you understood how to change ssh port in Linux and why you should consider changing the defaults whenever possible.

这就是我们有关更改SSH端口的简短教程。 我希望您了解如何在Linux中更改ssh端口以及为什么应该考虑尽可能更改默认值。

If you have any questions or get stuck at any point, feel free to comment below.

如果您有任何疑问或遇到困难，请在下面发表评论。

翻译自: https://www.journaldev.com/35523/how-to-change-ssh-port-in-linux

linux 更改ssh端口