centos 6.5下修改SSH端口及禁用root远程登录的方法
<p><strong>前言</strong></p>
<p>
我们大家都知道 SSH 的默认端口为 22,但是基于安全的需要,我们需要修改服务器的 SSH 端口,和禁用 root 远程登录。</p>
<p>
通过以下步骤,我们通过编辑<code> /etc/ssh/sshd_config </code>,将端口修改为 10089,并禁用 root 远程登录,同时为新端口添加防火墙规则,并删除默认端口的规则。</p>
<p>
<span>注意:</span>1,使用 root 用户执行以下步骤;2,只在 CentOS 6.5 下验证。</p>
<p>
<strong>修改端口</strong></p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_559494">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
<div class="line number3 index2 alt2">
3</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash functions">vi</code> <code class="bash plain">/etc/ssh/sshd_config</code>
</div>
<div class="line number2 index1 alt1">
<code class="bash plain">Port 10089 </code><code class="bash comments">#端口号</code>
</div>
<div class="line number3 index2 alt2">
<code class="bash plain">PermitRootLogin no </code><code class="bash comments"># 禁止root ssh</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
<strong>为新端口开通防火墙规则</strong></p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_666254">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
<div class="line number3 index2 alt2">
3</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash plain">iptables -I INPUT 4 -m state --state NEW -p tcp --dport 10089 -j ACCEPT</code>
</div>
<div class="line number2 index1 alt1">
<code class="bash plain">service iptables save</code>
</div>
<div class="line number3 index2 alt2">
<code class="bash plain">service iptables reload</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
<strong>删除22端口的规则</strong></p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_424774">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
<div class="line number3 index2 alt2">
3</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash plain">iptables -D INPUT $RULE_LINE_NUMBER</code>
</div>
<div class="line number2 index1 alt1">
<code class="bash plain">service iptables save</code>
</div>
<div class="line number3 index2 alt2">
<code class="bash plain">service iptables reload</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
<code>$RULE_LINE_NUMBER</code> 可以通过 <code>iptables -L -n –line-number</code> 来查看</p>
<p>
<strong>总结</strong></p>
<p>
以上就是关于centos6.5下修 SSH端口并禁用root远程登录的全部内容了,希望本文的内容对大家的学习或者工作能带来一定的帮助,如果有疑问大家可以留言交流。</p>
<p>
原文链接:https://buzheng.org/centos-modify-ssh-port-and-forbid-root-remote.html</p>
頁:
[1]