selinux, semanage and ssh on AWS

Posted: 2015/04/06 21:12:32
by OrsonGarnsey
All,

I've recently migrated my MX setup to AWS from a physical machine running CentOS 7. On that machine, I ran ssh on a non-standard port with selinux in enforcing mode, i.e.:

Code:

    semanage port -a -t ssh_port_t -p tcp [port]

I initially had trouble with the above on the AWS instance, because the process would die (Killed.) with an out of memory error. I got around this. Here is the current state:

Code:

    ssh_port_t                     tcp      [port], 22

I could connect using port 22 with selinux enabled as described above, but now cannot connect through either port with selinux enabled. Both ports work with selinux in permissive mode.

Any thoughts? Thanks.

Orson Garnsey

Re: selinux, semanage and ssh on AWS

Posted: 2015/04/22 18:29:59
by jyoung
OrsonGarnsey wrote:
> Both ports work with selinux in permissive mode.
If that's the case, are you getting any AVCs that may explain what's going on?

Code:

    ausearch -m avc | grep "sshd"
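As an added example (not code from either poster), a small Python script that checks the two things this thread turns on: whether every port sshd listens on is labeled ssh_port_t in the `semanage port -l` output, and what the sshd AVC records from `ausearch -m avc` actually deny. The semanage and ausearch text embedded below is constructed for the example, and port 2222 is an assumption standing in for the thread's redacted [port].

```python
import re

# Constructed sample of `semanage port -l` output: only the default 22 is
# labeled, i.e. the state before the non-standard port was added.
SEMANAGE_PORT_L = """\
ssh_port_t                     tcp      22
smtp_port_t                    tcp      25, 465, 587
"""

# Constructed AVC records in the shape `ausearch -m avc` prints. The first is
# sshd refused to bind the unlabeled port; the second is sshd refused to read
# an authorized_keys file carrying a home-directory label it is not allowed.
AUSEARCH_AVC = """\
----
time->Mon Apr  6 21:00:00 2015
type=AVC msg=audit(1428354000.123:456): avc:  denied  { name_bind } for  pid=1234 comm="sshd" src=2222 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:unreserved_port_t:s0 tclass=tcp_socket
----
time->Mon Apr  6 21:00:01 2015
type=AVC msg=audit(1428354001.456:457): avc:  denied  { read } for  pid=1235 comm="sshd" name="authorized_keys" dev="xvda1" ino=1234 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:admin_home_t:s0 tclass=file
"""

AVC_RE = re.compile(r'avc:\s+denied\s+\{\s*(?P<perms>[^}]+?)\s*\}\s+for\s+(?P<fields>.*)')
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def labeled_ports(semanage_output, port_type="ssh_port_t", proto="tcp"):
    """Ports that `semanage port -l` reports under port_type/proto."""
    ports = set()
    for line in semanage_output.splitlines():
        parts = line.split(None, 2)
        if len(parts) == 3 and parts[0] == port_type and parts[1] == proto:
            ports.update(int(p) for p in parts[2].split(","))
    return ports

def sshd_denials(ausearch_output, comm="sshd"):
    """AVC denial records for the given comm, as dicts of their key=value fields."""
    records = []
    for line in ausearch_output.splitlines():
        m = AVC_RE.search(line)
        if not m:
            continue
        fields = {k: v.strip('"') for k, v in FIELD_RE.findall(m.group("fields"))}
        if fields.get("comm") == comm:
            records.append({"perms": m.group("perms").split(), **fields})
    return records

def diagnose(listen_ports, semanage_output, ausearch_output):
    """(listen ports lacking ssh_port_t, ports with name_bind denied, other (tclass, target type) denials)."""
    unlabeled = sorted(set(listen_ports) - labeled_ports(semanage_output))
    denials = sshd_denials(ausearch_output)
    bind_denied = sorted({int(d["src"]) for d in denials if "name_bind" in d["perms"] and "src" in d})
    other = [(d["tclass"], d["tcontext"].split(":")[2]) for d in denials if "name_bind" not in d["perms"]]
    return unlabeled, bind_denied, other

if __name__ == "__main__":
    print(diagnose([22, 2222], SEMANAGE_PORT_L, AUSEARCH_AVC))
```

On a live host the same functions can be fed the real output of `semanage port -l` and `ausearch -m avc` with the listen ports taken from sshd_config; a port in the first list needs the `semanage port -a` from the first post, while an entry in the third list points at a file label rather than the port.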