
Configuring SSH on CentOS - Fedora

Useful links

In CentOS the ssh server configuration can be found at /etc/ssh/sshd_config. To make sshd listen on an additional port, the file needs one Port line for each port:

  • Port 22

  • Port 1234

From sshd’s perspective that should be enough to make it listen on both ports. If you have configured a firewall on your server, make sure the firewall is not blocking the new port.

Now we can restart sshd with the following command:

 /etc/init.d/sshd restart

After this you will see that the restart was successful. With the command “lsof -i -P -n” you can check all listening ports. You should see that sshd is not listening on the new port 1234 but still on 22.

This is SELinux in action. SSH is not supposed to listen on port 1234 as far as the SELinux rules are concerned. So we need to modify the SELinux configuration to allow sshd to listen on our new port 1234. To do this, we first need to check what ports sshd is allowed to listen on by executing the following command:

semanage port -l | grep ssh
ssh_port_t           tcp    22

To allow sshd to listen on our new port 1234 we have to add a rule to SELinux. This is done by executing the following command:

semanage port -a -t ssh_port_t -p tcp 1234

Please be patient while this command is running. It can take some time to finish.
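
The mismatch described above, as an added example that is not part of the original page: a shell script that compares the Port directives in sshd_config with the ports SELinux assigns to ssh_port_t and prints the semanage command for each port that is missing. The sample config and semanage output are constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: find sshd_config ports that SELinux's ssh_port_t does not cover.

# Constructed sample inputs (not captured from a real host).
SAMPLE_SSHD_CONFIG='# constructed sshd_config excerpt
Port 22
#Port 2222
Port 1234
PermitRootLogin no'
SAMPLE_SEMANAGE='ssh_port_t                     tcp      22'

# Print the port of every active (uncommented) Port directive, one per line.
# sshd_config keywords are case-insensitive, hence tolower().
config_ports() {
    printf '%s\n' "$1" | awk 'tolower($1) == "port" && $2 ~ /^[0-9]+$/ { print $2 }'
}

# Print "low high" for each port or port range on the tcp ssh_port_t line
# of `semanage port -l` output (ports are comma-separated, ranges use "-").
allowed_ranges() {
    printf '%s\n' "$1" | awk '$1 == "ssh_port_t" && $2 == "tcp" {
        for (i = 3; i <= NF; i++) {
            f = $i
            gsub(/,/, "", f)
            n = split(f, r, "-")
            if (n == 1) print f, f
            else print r[1], r[2]
        }
    }'
}

# Print the semanage command for each configured port SELinux does not allow.
# $1 = sshd_config text, $2 = `semanage port -l` output.
missing_port_rules() {
    ranges=$(allowed_ranges "$2")
    for port in $(config_ports "$1"); do
        ok=$(printf '%s\n' "$ranges" | awk -v p="$port" \
            '$1 != "" && p+0 >= $1+0 && p+0 <= $2+0 { print "yes"; exit }')
        [ "$ok" = "yes" ] || echo "semanage port -a -t ssh_port_t -p tcp $port"
    done
}

# On a real host, feed it live data instead of the samples:
#   missing_port_rules "$(cat /etc/ssh/sshd_config)" "$(semanage port -l)"
missing_port_rules "$SAMPLE_SSHD_CONFIG" "$SAMPLE_SEMANAGE"
```

After adding a rule, restart sshd again so it can bind the new port.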

P.S. To install semanage, run:

dnf provides '*/semanage'  # check which packages provide semanage
sudo yum install policycoreutils-python # for CentOS
dnf install policycoreutils-python-utils-2.7-1.fc27.x86_64  # for Fedora
