selinux and using different port for sshd than usual 22

Support for security such as Firewalls and securing linux
cdm
Posts: 17
Joined: 2014/02/17 18:22:56

Post by cdm » 2016/04/02 21:12:03

Hello All,

Initially I was using port 8080 for my sshd, then I wanted to change it to some other port, but of course SELinux didn't like it. I forgot how I initially set up SELinux to allow port 8080 for sshd, since I had it as enforcing (I thought) all along from long ago. Now I want to set it up on another port besides 22, and upon researching, it seems that one would use semanage, but I can't find the executable anywhere. I think I read that it's part of policycoreutils and it should be here: /usr/sbin/semanage ... but it's not. And I already have policycoreutils installed, so I'm a bit confused. Any help or suggestions would be nice. Thanks.

scottro
Forum Moderator
Posts: 2556
Joined: 2007/09/03 21:18:09
Location: NYC

Re: selinux and using different port for sshd than usual 22

Post by scottro » 2016/04/02 21:23:28

New users should check the FAQ and Read Me First pages

TrevorH
Site Admin
Posts: 33216
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: selinux and using different port for sshd than usual 22

Post by TrevorH » 2016/04/02 23:00:00

It's not a good idea to move the ssh port to above 1024 as any user can bind to those ports. You should keep it under 1024 and then if someone manages to somehow crash your sshd, they cannot start it up as a non-root user and have it bind to your new port.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

cdm
Posts: 17
Joined: 2014/02/17 18:22:56

Re: selinux and using different port for sshd than usual 22

Post by cdm » 2016/04/04 14:54:55

OK - I'll look at the FAQ ... but I'm just trying to figure out why I don't seem to have 'semanage' on a system which has SELinux on it. How is SELinux supposed to be managed?

TrevorH
Site Admin
Posts: 33216
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: selinux and using different port for sshd than usual 22

Post by TrevorH » 2016/04/04 16:56:59

By installing the package that contains the semanage executable.... yum provides '*/semanage'

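A pre-flight check for the port change discussed in this thread, added here as an example and not posted by any participant: it parses text in the layout that `semanage port -l` prints, reports which SELinux port types cover a candidate port, and notes whether the port is below 1024. The function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: pre-flight check for moving sshd to a non-default port.
# Input is text in the column layout that `semanage port -l` prints.

# Constructed sample listing (not from a real host); 922 stands for a port
# already added with: semanage port -a -t ssh_port_t -p tcp 922
SAMPLE_LISTING='SELinux Port Type              Proto    Port Number

http_cache_port_t              tcp      8080, 8118, 8123, 10001-10010
http_port_t                    tcp      80, 81, 443, 488, 8008, 8009, 8443, 9000
ssh_port_t                     tcp      922, 22
unreserved_port_t              tcp      61001-65535, 1024-32767'

# types_for_port PORT: print each SELinux type whose tcp entry covers PORT.
types_for_port() {
    awk -v want="$1" '
        $2 == "tcp" {
            for (i = 3; i <= NF; i++) {
                spec = $i; sub(/,$/, "", spec)     # "8080," -> "8080"
                n = split(spec, r, "-")            # "1024-32767" -> lo, hi
                lo = r[1] + 0; hi = (n == 2 ? r[2] : r[1]) + 0
                if (want + 0 >= lo && want + 0 <= hi) { print $1; break }
            }
        }'
}

# check_sshd_port PORT: reads a listing on stdin, prints one summary line and
# returns 0 only if the port is already labelled ssh_port_t.
check_sshd_port() {
    port=$1; priv=no
    types=$(types_for_port "$port" | sort | paste -sd, -)
    if [ "$port" -lt 1024 ]; then priv=yes; fi   # ports below 1024 need root to bind
    echo "port=$port types=${types:-none} privileged=$priv"
    case ",$types," in
        *,ssh_port_t,*) return 0 ;;
        *) return 1 ;;
    esac
}

# Demo over the constructed listing.
for p in 22 922 2222 8080; do
    printf '%s\n' "$SAMPLE_LISTING" | check_sshd_port "$p" ||
        echo "  -> $p is not labelled ssh_port_t yet"
done
```

On a live host the same function takes the real listing: `semanage port -l | check_sshd_port 922`.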