1、修改/etc/ssh/sshd_config文本,在#Port 22后添加Port 25533,最好选择端口在20000以上的没有用到的端口,防止被轻易破解,如下:
- [root@cnt ~]# vi /etc/ssh/sshd_config
- #Port 22
- Port 25533
- #AddressFamily any
- #ListenAddress 0.0.0.0
- #ListenAddress ::
2、
- [root@cnt ~]# vim /etc/sysconfig/iptables
- # Firewall configuration written by system-config-firewall
- # Manual customization of this file is not recommended.
- *filter
- :INPUT ACCEPT [0:0]
- :FORWARD ACCEPT [0:0]
- :OUTPUT ACCEPT [0:0]
- -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
- -A INPUT -p icmp -j ACCEPT
- -A INPUT -i lo -j ACCEPT
- -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
- -A INPUT -m state --state NEW -m tcp -p tcp --dport 25533 -j ACCEPT
这样可以避免因为防火墙造成的无法连接,并且注意添加的红色字体的规则的位置,最好放在这里,避免不清楚防火墙策略语句造成的错误。
3、重启ssh服务:/etc/rc.d/init.d/sshd restart
- [root@cnt ~]# /etc/rc.d/init.d/sshd restart
- Stopping sshd: [ OK ]
- Starting sshd: [ OK ]
- service iptables restart
- iptables: Setting chains to policy ACCEPT: filter [ OK ]
- iptables: Flushing firewall rules: [ OK ]
- iptables: Unloading modules: [ OK ]
- iptables: Applying firewall rules: [ OK ]
5、最后重新连接Xshell使用新的端口号25533即可。这样就可以安全的修改ssh端口了,避免被别人轻易破解。
转载自:https://blog.csdn.net/fuda_zwd_2015/article/details/76624623