[root@BabyishRecent-VM ~]# vi /etc/ssh/sshd_config
[root@BabyishRecent-VM ~]# systemctl restart sshd
Job for sshd.service failed because a configured resource limit was exceeded. See "systemctl status sshd.service" and "journalctl -xe" for details.
[root@BabyishRecent-VM ~]# journalctl -xe
error: Bind to port 3389 on :: failed: Permission denied.
d[25004]: error: Bind to port 3389 on 0.0.0.0 failed: Permission denied.
d[25004]: fatal: Cannot bind any address.
查了一下,是selinux的问题,最简单的办法是关了selinux。
但是,想要开启selinux,并修改sshd的端口,需要把要添加的sshd服务端口在selinux上注册。
- 安装semanage
yum -y install policycoreutils-python
- 查看selinux中sshd当前的端口
[root@BabyishRecent-VM ~]# semanage port -l | grep ssh
ssh_port_t tcp 22
- 在selinux中添加端口
[root@BabyishRecent-VM ~]# semanage port -a -t ssh_port_t -p tcp 3389
[root@BabyishRecent-VM ~]# semanage port -l | grep ssh
ssh_port_t tcp 3389, 22
- 重启sshd服务
[root@BabyishRecent-VM ~]# systemctl restart sshd
[root@BabyishRecent-VM ~]# netstat -tunlp |grep sshd
tcp 0 0 0.0.0.0:3389 0.0.0.0:* LISTEN 25333/sshd
tcp6 0 0 :::3389 :::* LISTEN 25333/sshd
- 防火墙放行修改后的端口
[root@BabyishRecent-VM ~]# firewall-cmd --add-port=3389/tcp --permanent
success
[root@BabyishRecent-VM ~]# firewall-cmd --reload
success