Yadda ake Canja SSH Port a Linux

SSH ko Secure Shell daemon ƙa'idar ce ta hanyar sadarwa wacce ake amfani da ita don aiwatar da amintattun shiga cikin tsarin Linux ta hanyar amintaccen tashoshi ta hanyar cibiyoyin sadarwa marasa tsaro ta amfani da cryptography mai ƙarfi.

Ɗaya daga cikin mahimman amfanin ƙa'idar SSH shine ikon samun damar harsashi na Unix akan injunan Linux mai nisa da aiwatar da umarni. Koyaya, ka'idar SSH na iya ba da wasu aiwatarwa, kamar ikon ƙirƙirar amintattun ramukan TCP akan ƙa'idar, don canja wurin fayiloli a nesa da amintaccen tsakanin injina ko yin aiki azaman sabis na FTP.

Madaidaicin tashar tashar jiragen ruwa da sabis na SSH ke amfani dashi shine 22/TCP. Koyaya, kuna iya canza tashar tsoho ta SSH a cikin uwar garken Linux ɗinku, don cimma wani nau'in tsaro ta hanyar duhu saboda daidaitaccen tashar 22/TCP ana ci gaba da niyya don raunin hackers da bots a cikin intanet.

Don canza tsohuwar tashar sabis na SSH a cikin Linux, da farko kuna buƙatar buɗe babban fayil ɗin sanyi na SSH daemon don gyarawa tare da editan rubutu da kuka fi so ta ba da umarnin da ke ƙasa kuma ku yi canje-canje masu zuwa.

# vi /etc/ssh/sshd_config

A cikin fayil ɗin sshd_config, bincika kuma yi sharhi layin da ke farawa da Port 22, ta ƙara hashtag (#) a gaban layin. A ƙasan wannan layin, ƙara sabon layin tashar jiragen ruwa kuma saka tashar jiragen ruwa da kuke so don ɗaure SSH.

A cikin wannan misali, za mu saita sabis na SSH don ɗaure da sauraron tashar 34627/TCP. Tabbatar cewa kun zaɓi tashar jiragen ruwa bazuwar, zai fi dacewa mafi girma fiye da 1024 (mafi girman iyakar daidaitattun sanannun tashoshin jiragen ruwa). Matsakaicin tashar jiragen ruwa da za a iya saitawa don SSH shine 65535/TCP.

#Port 22
Port 34627

Bayan kun yi canje-canjen da ke sama, sake kunna SSH daemon don nuna canje-canje kuma ba da umarnin netstat ko ss don tabbatar da cewa sabis na SSH yana sauraron sabon tashar TCP.

# systemctl restart ssh
# netstat -tlpn| grep ssh
# ss -tlpn| grep ssh

A cikin rarraba tushen CentOS ko RHEL Linux, shigar da kunshin manufofincoreutils kuma ƙara ƙa'idodin ƙasa don shakata manufofin SELinux domin SSH daemon ya ɗaure kan sabon tashar jiragen ruwa.

# yum install policycoreutils
# semanage port -a -t ssh_port_t -p tcp 34627
# semanage port -m -t ssh_port_t -p tcp 34627
# systemctl restart sshd
# netstat -tlpn| grep ssh
# ss -tlpn| grep ssh

Hakanan, kar a manta da sabunta ƙa'idodin Tacewar zaɓi takamaiman don rarrabawar Linux ɗin ku da aka shigar don ba da damar haɗa haɗin kai mai shigowa akan sabuwar tashar SSH da aka ƙara.