[CentOS] Running SSH on a different port (with SELinux)
jorge.fabregas at gmail.com
Sun Oct 25 18:08:28 UTC 2009
Now after the recent discussion on running SSH on a different port, I decided
to start a new thread but with SELinux involved.
Assuming that you have SELinux enabled, and that you changed the default port
for SSHD, let say for 1234, when I restart SSHD I don't get any AVC denials.
This is the output of: semanage -l port | grep ssh
ssh_port_t tcp 22
I thought (based on previous SELinux readings) that in order to allow SSHD on
a non-default port you needed to:
semanage port -a -t ssh_port_t -p tcp 1234
That was the theory I read :) Now in practice it seems it is not implemented
yet, or at least by the time RHEL5 came out. Does anyone knows?
All the best,
More information about the CentOS