13,420
edits
Changes
no edit summary
# Before we can use this new port we must change our firewall to allow traffic through the new port number and block access to port 22 by issuing the command:<br /><b><code><span style="color:#3366CC;font-size:1.2em;">iptables -I INPUT -p tcp -s0/0 --dport 2200 -j ACCEPT</span></code></b><code>iptables -I INPUT -p tcp -s0/0 --dport 22 -j DROP</code><br />
# To test the new port connect to '''centos1''' from '''centos2''' using the following command:<br /><b><code><span style="color:#3366CC;font-size:1.2em;">ssh -p 2200 user@centos1</span></code></b>
{|width="40%" align="right"|- valign="top" |{{Admon/importanttip |Troubleshooting Tips for SSH|Cannot connect via SSH?|To fix issues with the ability to ssh, on both machines:<ul><li>Ensure ssh is running. Systemctl status sshd.service.</li><li>Disable selinux by going into /etc/selinux/config and change "enforcing" to "disabled"; "targeted" to "minimum".</li><li>If your are still encountering problems flush iptables.</li></ulli>}}{{Admon/tip | Tip! | For scp access the option to be used is: <code>'''scp -P 2200'''</codeli></ul>}}{{Admon/tip | Tip! | For more ideas on making sshd more secure consult the HOW-TO link above.}}
<ol><li value="14">Finally as a system administrator you should periodically monitor your system logs for unauthorized login attempts.</li>
<li>On CentOS systems the log file that is used is '''/var/log/secure''' </li>
