How to modify the SSH port of the Linux server in CentOS7

Generally, the default ROOT port of the Linux VPS/server we choose and purchase is 22. In theory, port 22 needs to be modified to something else during actual use, so as to ensure a certain degree of security. During our operation, we will find that there are still quite a few differences between the centOS6 and centOS7 that we were familiar with before. In this article, Snail will record how to modify the default server SSH port of 22 under the centOS7 system.

Some one-click package WEB environments help modify the SSH port during the installation wizard. After this operation, there is no need to modify it. If other panels and one-click package WEB are used by default, they still need to be modified to ensure safety.

First, prepare safety instructions

1. For netizens who have not done this before, it is recommended that when trying to learn to modify the port, there must be no website files or other data in the new server. In this way, even if an operation error occurs, there will be no risk of data being inaccessible to the system. (Sometimes all possibilities exist)

2. If the data is important, you can back it up or take a snapshot first to ensure the safe storage of the data before modifying the port.

3. Check whether SElinux is turned off

sestatus

Check the command and enter it to see that it is in the disabled state. Do you need to turn it off first to prevent problems?

Second, steps to modify SSH port

1. Modify the /etc/ssh/sshd_config configuration file

If we are not familiar with the vi command, just download it locally and modify it. What we see by default is \\"# Port 22\\". You need to remove the # first, and then add a set port number in a new line. You can set the number to 1000-60000, and try not to conflict with other projects.

PS: We don’t want to remove 22 directly to prevent the new port from being able to log in later. Let’s keep 22 first and delete it after everything is fine.

2. Release port

firewall-cmd –permanent –zone=public –add-port=21212/tcpfirewall-cmd –reload

The red text here is the port we set and needs to be released. If the problem "FirewallD is not running" appears, you can refer to "Solving the problem of "Failed to start firewalld.service\" in CentOS7", which is caused by the failure to start.

3. Check whether the port is open

firewall-cmd –permanent –query-port=21212/tcp

4. Restart the SSH service

systemctl restart sshd.service

After restarting, we try to see if the new port can log in. If you can log in and then edit the file to edit or delete a line on port 22, you will definitely need to restart the SSH service after editing for it to take effect. If you are still not worried, before the official project, we can restart the server and then try again to see if the new port can be logged in.

In short, there are many ways to solve the problem on the Internet. The only thing you need to pay attention to is not to delete the original port before modifying the port. Wait until the new port has no problems before deleting the old port.

Recommended site searches: domain name registration center, Ministry of Industry and Information Technology ICP registration, server in the United States, free domain name registration, Hong Kong IP agent, free US host, free cloud server, foreign domain name application, how to build a server, station group server rental,