# CentOS7 修改 SSH 端口号 ## 修改配置文件 打开 SSH 配置文件: ``` sudo vim /etc/ssh/sshd_config ``` 找到 `#Port 22` ,取消注释,修改端口号: ``` Port ``` > **Tips:** `` 为新端口号,范围为 1024-65535(注意回避一些常用软件端口号)。 保存并退出,重启 SSH 服务: ``` sudo systemctl restart sshd ``` ## 防火墙设置 查看默认区域永久配置: ``` sudo firewall-cmd --permanent --list-all ``` > public target: default icmp-block-inversion: no interfaces: sources: services: ssh ports: protocols: masquerade: no forward-ports: source-ports: icmp-blocks: rich rules: 可见 `services: ssh` 表示 SSH 服务已启用,`ports:` 为空表示没有添加其他任何端口。 > **Tips:** > > 如果未启用,可手动永久添加 SSH 服务到默认区域: > > ``` > sudo firewall-cmd --permanent --add-service=ssh > ``` > > 如果 `ports` 中永久添加了 `22/tcp` ,则永久删除: > > ``` > sudo firewall-cmd --permanent --remove-port=22/tcp > ``` 永久添加新的端口到 SSH 服务: ``` sudo firewall-cmd --permanent --service=ssh --add-port=/tcp ``` 从 SSH 服务永久移除默认的 22 端口: ``` sudo firewall-cmd --permanent --service=ssh --remove-port=22/tcp ``` 重载防火墙规则: ``` sudo firewall-cmd --reload ``` > **Tips:** 阿里云主机还需要在安全组规则或防火墙规则中添加入方向的 `/tcp` 端口,并删除 `22/tcp` 端口。 ## 登录测试 打开一个新的终端窗口,使用新端口登录: ``` ssh @ -p ``` 退出之前的 SSH 操作窗口: ``` exit ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://avincheng.gitbook.io/notebook/linux/centos/centos7-xiu-gai-ssh-duan-kou-hao.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.