01 If you want to change the default port Linux SSH (22), then you just modify: / etc / ssh / sshd_config of Port 22, where they have to put 22 into port located on the line, but do not set up and is now Oh the same port, to avoid causing unknown consequences.
02 If you want to restrict SSH login IP, you can do the following:
First: Modify /etc/hosts.deny, added thereto sshd: ALL
Then: Modify: /etc/hosts.allow, in which the following settings: sshd: 192.168.0.241
This can restrict only the IP 192.168.0.241 landing on the LINUX machine via SSH. Of course, as the server side, I do not install gnome and KDE, but not a lot of stuff installed, thus increasing the safety factor.
First, modify the configuration file
vi / etc / ssh / sshd_config
Find #Port 22 paragraph here is to identify the default port 22, is amended as follows:
Then save and exit
Executive /etc/init.d/sshd restart
Such SSH port will work simultaneously with 22 and 50000.
Now edit the firewall configuration: vi / etc / sysconfig / iptables
50000 port is enabled.
Executive /etc/init.d/iptables restart
Now use ssh tool to connect port 50000 to test was successful. If the connection is successful, then re-edit sshd_config settings will delete Port22 inside, you can.
The reason why the first set to the two ports, a port and then turn off the test is successful, is to modify the way in conf process, in case dropped, broken nets, misuse and other unknown time, but also through a different port up commissioning in order to avoid the connection must not send people to the engine room, causing the problem even more complex problems.