The default remote port of the ECS instance is 22. This port is the default port of the SSH (Secure Shell) protocol, which is used to remotely log in and manage cloud server instances. With the SSH protocol, you can make a secure remote connection to the cloud server through a terminal or SSH client and perform a variety of administrative tasks and operations.
Modify the default remote port of Windows system instance
This section takes Windows Server 2012 R2 as an example to introduce how to modify the default remote port of Windows system instance.
Log in to the console.
Select a region.
Click Computing > Elastic Cloud Server to enter the cloud server page.
Remotely log in to the Windows ECS instance with the port to be modified, for details, see Log in to the Windows ECS.
Modify the value of the registry subitem PortNumber.
1) Right-click the Windows logo key and select Run to launch the Run window.
2) Enter regedit.exe in the text box of the Run window and press Enter to open Registry Editor.
3) Select HKEY_LOCAL_MACHINE > System > CurrentControlSet > Control > Terminal Server > Wds > rdpwd > Tds > tcp in the left navigation tree layer by layer, as shown in the following figure:
4) Locate the registry subitem PortNumber in the list, right-click it and select Modify to enter the Modify window.
5) In the pop-up Modify window, enter the new remote port number in the text box of numerical data, which is 3398 in this case. Check Decimal in the Base box and click OK.
6) Select HKEY_LOCAL_MACHINE > System > CurrentControlSet > Control > Terminal Server > WinStations > RDP-Tcp in the left navigation tree layer by layer.
7) Locate the registry subitem PortNumber in the list on the right, right-click it and select Modify (you can use the keyboard arrow keys to search down).
8) In the dialog box that pops up, enter the new remote port number in the text box of the numeric data, which is 3398 in this case. Check Decimal in the Base box and click OK.
Restart the cloud server in the ECS management console, as shown in the following figure:
Add a security group rule to the instance to allow the newly configured 3398 remote port to connect.
For details, see Configuring Security Group Rules.
Finally, use the Remote Desktop Connection function to remotely access the instance. Add the new port number 3398 after the remote address to connect to the instance.
Modify the default remote port of Linux system instance
This section takes CentOS 8.0 64-bit as an example to introduce how to modify the default remote port of Linux system instance.
Log in to the console.
Select a region.
Click Computing > Elastic Cloud Server to enter the cloud server page.
Click the Actions > Remote Login button on the row of the ECS to be modified to connect to the ECS instance remotely.
Enter the user name root, and the password is the user-defined password when purchasing the ECS. After successful login, the following figure is shown:
sshd_config is an important configuration file in Linux, to avoid failures caused by misoperations, run the following command to back up sshd_config before running it:
cp /etc/ssh/sshd_config /etc/ssh/sshd_config_bak
Go to the /etc/ssh path and enter the ll command to view the information as shown below:
Modify the port number of the sshd service, because it is already in the /etc/ssh path, so directly run vim sshd_config to edit the sshd_config configuration file, and press i on the keyboard to enter the Edit mode to add a new remote service port, which is port 2222 in this case. Under Port 22, enter port 2222.
Press Esc on your keyboard, type :wq, save and exit Edit mode.
Run the following command to restart the sshd service.
systemctl restart sshd
At this point, the default port for remote login of this ECS has been changed from 22 to 2222.
Function Verification:
Open the remote connection tool Putty, enter the Elastic IP of this ECS instance, and first log in using port 22 by default, you can see that the connection is rejected and the network is interrupted, which means that remote login is currently not possible on port 22.
Configure the security group for the instance and release TCP protocol port 2222. For details, see Configuring Security Group Rules
After the configuration is complete, use the SSH tool to connect to the new port 2222, enter 2222 under the port, and you can see that the connection is successful.