Running ssh on Amazon EC2 instance on port other than 22

Submitted by 本秂侑毒 on 2019-12-03 12:49:48

Question


I am not able to access an Amazon EC2 instance via ssh as I am behind a firewall. So, I thought of running ssh on a port other than 22, like 80 or 443.

I tried starting the Amazon EC2 instance via the Web Management Console with the following 'user data':

#!/bin/bash -ex
perl -pi -e 's/^#?Port 22$/Port 80/' /etc/ssh/sshd_config
service sshd restart || service ssh restart

The idea being that the above script would execute on instance startup and switch ssh from port 22 to port 80. (Ref: http://alestic.com/2010/12/ec2-ssh-port-80)

But ssh is still not accessible on port 80. Apparently 'user data' script is not being executed on start up?

I can 'only' start and stop instances via the Web Management Console, not from the command line (being behind a firewall).

Any ideas?


Answer 1:


To connect to an AWS instance through ssh from a port different than default 22:

  1. Open the security group of your instance so that it allows connections to that port from the source that you choose (0.0.0.0/0 for any source).
  2. In your instance:

    • If it is a new instance, you could use a user-data script like this one:

    #!/bin/bash -ex
    perl -pi -e 's/^#?Port 22$/Port 443/' /etc/ssh/sshd_config
    service sshd restart || service ssh restart

Please note that this only works if you are launching a new instance:

User data scripts and cloud-init directives only run during the first boot cycle when an instance is launched.

  • If it is not a new instance, edit the /etc/ssh/sshd_config file, adding or changing Port 22 to the port that you want (i.e. Port 443) to connect through ssh, then run service ssh restart and you should be done.

Note: I did this with an Ubuntu instance; with other Linux instances it may be slightly different.




Answer 2:


The Amazon firewall blocks all ports other than 22. You first have to enable port 80/443/whatever.

HOWTO: Go to "security groups" -> click on the group you chose for your instance, then on the "Inbound" tab.

There you can add your ports.

EDIT: If by chance you also installed Apache or some other web server, port 80 will be in use and cannot be used by sshd. I do not know which operating system is installed on your server, but maybe some web server is already included?




Answer 3:


Here is what I came up with to run sshd on 443 and 22, having RHEL 8 on EC2:

  1. Make sure your security groups allow connections from your network/IP to the desired ports (in my case 22 and 443):

    tcp 443 1.2.3.4/32 #allow access to 443 from IP 1.2.3.4
    tcp 22 1.2.3.4/32 #allow access to 22 from IP 1.2.3.4

  2. Log in to the EC2 instance and run:

    #install semanage with
    sudo yum install -y policycoreutils-python-utils
    #delete 443 from http ports
    sudo semanage port -d -t http_port_t -p tcp 443
    #add 443 to ssh ports
    sudo semanage port -m -t ssh_port_t -p tcp 443

  3. Edit /etc/ssh/sshd_config:

    Port 22
    Port 443

  4. Restart sshd:

    sudo service sshd restart
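
Added example, not part of the question or of any answer above: a shell sketch of the sshd_config edit from Answers 1 and 3 that tolerates the line variations the exact-match pattern `^#?Port 22$` misses, keeps port 22 listed next to the new port, and checks the file with `sshd -t` before restarting. The function names `set_sshd_ports` and `apply_sshd_ports` and the `.bak` backup path are assumptions made for this example.

```shell
#!/bin/bash
# Added example (hypothetical helper names); run as root, e.g. from user data.

# set_sshd_ports FILE PORT [PORT...]
# Removes every existing Port line (active or commented out) and writes one
# "Port N" line per requested port. Safe to run repeatedly.
set_sshd_ports() {
    local file="$1"
    local tmp p
    shift
    [ -f "$file" ] && [ "$#" -gt 0 ] || return 1
    for p in "$@"; do
        case $p in ''|*[!0-9]*) return 1 ;; esac          # digits only
        [ "$p" -ge 1 ] && [ "$p" -le 65535 ] || return 1  # valid TCP port
    done
    tmp=$(mktemp) || return 1
    {
        # Port lines go at the top: Port is a global keyword and sshd
        # rejects it if it lands inside a trailing Match block.
        for p in "$@"; do printf 'Port %s\n' "$p"; done
        # Matches "Port 22", "#Port 22", "# port 22 " and indented forms.
        grep -Eiv '^[[:space:]]*#?[[:space:]]*Port[[:space:]]+[0-9]+[[:space:]]*$' \
            "$file" || true
    } > "$tmp"
    cat "$tmp" > "$file"    # overwrite in place: keeps owner and mode
    rm -f "$tmp"
}

# apply_sshd_ports PORT [PORT...]
# Edits the live config, validates it, and restarts sshd only if the
# syntax check passes; otherwise the backup is restored.
apply_sshd_ports() {
    local cfg=/etc/ssh/sshd_config
    local sshd_bin
    sshd_bin=$(command -v sshd) || return 1
    cp -p "$cfg" "$cfg.bak" || return 1
    set_sshd_ports "$cfg" "$@" || return 1
    if ! "$sshd_bin" -t -f "$cfg"; then
        cp -p "$cfg.bak" "$cfg"
        return 1
    fi
    service sshd restart || service ssh restart
}

# Typical call from a user-data script or a root shell:
#   apply_sshd_ports 22 443
```

The security group rule for the new port and, on SELinux-enforcing systems, the `ssh_port_t` label from Answer 3 are still required; this script only covers the sshd_config step.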


Source: https://stackoverflow.com/questions/13475303/running-ssh-on-amazon-ec2-instance-on-port-other-than-22
