All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Security: SSH Port Change CentOS 7
thought i would ask this question here, assuming this is a general centos thing and not specific to my provider.
I have been setting up a new VPS (Centos 7 x64), and was doing my usual setup process. And every time, i get stuck at the SSH Port change. I have few other Centos 6 VPS's (with different provider) and they all work fine with this process.
Following this guide: https://www.digitalocean.com/community/tutorials/initial-server-setup-with-centos-7
Doing Step 1, 2, 3, 5, and 6. (Skipping step 4 for now, as i dont wnat to setup the keys). But after reloading my putty to connect via SSH using the new port, i get a "connection timed out".
Am i doing something wrong here?
tried few ports, and tried restarting/reinstalling etc as well. No luck. Any one have been through this before?
Cheers.
Comments
just to add, after changing the port, I cannot connect using port 22 either, it throws an error "connection refused", which is expected.
Simply install google's 2 auth and no need to change the port.
Did you open the port in the firewall?
Noop, i assumed this is the issue. Can someone direct me to find out how to do this?
Cheers.
look if the firewall is blocking your ssh on custom port (most likely this is the case, since I didn't see firewall mentioned on the tutorial)
firewall-cmd --permanent --remove-service=ssh
firewall-cmd --permanent --add-port=CUSTOMPORT/tcp
firewall-cmd --reload
(most likely this is not the case since it's a VPS) if selinux is enabled, sshd won't start at all on any other port than 22:
yum -y install policycoreutils-python
semanage port -a -t ssh_port_t -p tcp CUSTOMPORT
Replace CUSTOMPORT with your own customized port number for ssh. Or alternatively, just use SSH keys since security by obscurity isn't a best practice.
i see in your link digitalocean in step (Change SSH Port (Optional) )
they change a port 22 into 4444
may be you can login to your server with port 4444
$ ssh root@ipaddressyourserver -p 4444
firewall-cmd --permanent --remove-service=ssh
firewall-cmd --permanent --add-port=CUSTOMPORT/tcp
firewall-cmd --reload
yum -y install policycoreutils-python
semanage port -a -t ssh_port_t -p tcp CUSTOMPORT
Noop, no luck. Tried both Might contact the Host and see.
After you change the ssh port, restart/reload ssh service, and make sure the new port is open through your firewall...CentOS 7 uses firewalld and it is likely blocking your new ssh port.
"cat /etc/ssh/sshd_config | grep Port" tells you which port sshd listens on.
Editing that file and restarting sshd you can change it.
So you are saying, Melita's commands are incorrect? Instead of firewall-cmd, i should use something else?
firewall-cmd --permanent --add-port=CUSTOMPORT/tcp
firewall-cmd --reload
Problem solved by using this:
https://www.liberiangeek.net/2014/11/change-openssh-port-centos-7/
Cheers for all the help.