RHEL7 / CentOS7 with sshd on ports 22 and 443

Short version: Not as simple as you thought.

If you've tried to run sshd on port 443 on a RHEL7 / CentOS7 server with SELinux enabled, you're probably familiar with these errors:

sshd[834]: error: Bind to port 443 on 0.0.0.0 failed: Permission denied.
sshd[834]: error: Bind to port 443 on :: failed: Permission denied.
ValueError: Port tcp/443 already defined
ValueError: Port tcp/443 is defined in policy, cannot be deleted

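Solution: tcp/443 is already defined in the SELinux policy (as http_port_t), so it can be neither added (-a) nor deleted (-d). Modify its type with -m instead: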

yum install policycoreutils-python
semanage port -m -t ssh_port_t -p tcp 443

firewall-cmd --permanent --zone=public --add-port=443/tcp
firewall-cmd --reload

echo "Port 22" >>/etc/ssh/sshd_config
echo "Port 443" >>/etc/ssh/sshd_config
systemctl restart sshd.service
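
The two echo lines above append unconditionally: running them twice duplicates the directives, and if sshd_config ends in a Match block the appended Port lines land inside it, where sshd rejects them. The following is an added example, not from the original post, of a re-runnable alternative; ensure_port is a hypothetical helper name and the config in demo is constructed.

```shell
#!/bin/sh
# Added example, not from the original post. ensure_port is a hypothetical helper.

# ensure_port FILE PORT
# Make sure FILE has an active "Port PORT" line, exactly once.
ensure_port() {
    file=$1 port=$2
    # An uncommented "Port N" line already exists: nothing to do.
    if grep -Eiq "^[[:space:]]*Port[[:space:]]+${port}[[:space:]]*\$" "$file"; then
        return 0
    fi
    tmp=$(mktemp) || return 1
    # Port is not allowed inside a Match block, so insert above the first
    # active Match line; with no Match block, append at the end.
    awk -v port="$port" '
        !done && tolower($1) == "match" { print "Port " port; done = 1 }
        { print }
        END { if (!done) print "Port " port }
    ' "$file" > "$tmp" || { rm -f "$tmp"; return 1; }
    # Rewrite in place so the file keeps its owner, mode and SELinux label.
    cat "$tmp" > "$file"
    rm -f "$tmp"
}

# Demo on a constructed config (not a real sshd_config).
demo() {
    cfg=$(mktemp) || return 1
    printf '%s\n' '#Port 22' 'PermitRootLogin no' \
        'Match User deploy' '    X11Forwarding no' > "$cfg"
    ensure_port "$cfg" 22
    ensure_port "$cfg" 443
    ensure_port "$cfg" 443    # second run changes nothing
    cat "$cfg"
    rm -f "$cfg"
}
demo
```

On the server, call it as ensure_port /etc/ssh/sshd_config 22 and ensure_port /etc/ssh/sshd_config 443, then run sshd -t to validate the file before systemctl restart sshd.service.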

