Notice: This tutorial applies ONLY to CentOS Linux. The commands differ slightly on other Linux-based systems.
CentOS
1. Backup SSH configuration file
    sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
2. Edit configuration file
    vi /etc/ssh/sshd_config
To avoid being locked out by an incorrect change, keep port 22 open until the new port is confirmed to work.
    # If you want to change the port on a SELinux system, you have to tell
    # SELinux about this change.
    # semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
    #
    Port 22
    Port 10022
    #AddressFamily any
    #ListenAddress 0.0.0.0
    #ListenAddress ::
Then, save the configuration file.
3. Allow the new port in SELinux
Install semanage
    yum -y install policycoreutils-python
Add the new port with semanage
    semanage port -a -t ssh_port_t -p tcp 10022
4. Accept new SSH port traffic in the firewall
Accept new SSH port traffic
    firewall-cmd --permanent --zone=public --add-port=10022/tcp
Check the firewall status
5. Reload the firewall
6. Restart, then check the SSH service status
    systemctl restart sshd
    systemctl status sshd
    ss -tnlp | grep ssh
7. Try to log into the server through the new port. If it works properly, disable the original SSH port.
    # If you want to change the port on a SELinux system, you have to tell
    # SELinux about this change.
    # semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
    #
    # Port 22
    Port 10022
    #AddressFamily any
    #ListenAddress 0.0.0.0
    #ListenAddress ::
8. Restart SSH service
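An added example (not part of the original tutorial): a pre-restart check for steps 2 and 7 that lists the ports an sshd_config enables and confirms that port 22 is still active next to the new port. The function names and the sample files are constructed for illustration; `Include` files and `Match` blocks are not handled.

```shell
#!/bin/sh
# active_ports FILE
# Print the uncommented Port values in file order, space-separated.
# With no Port line at all, sshd listens on its default, port 22.
active_ports() {
    awk 'tolower($1) == "port" && $2 ~ /^[0-9]+$/ { printf "%s%s", (n++ ? " " : ""), $2 }
         END { if (!n) printf "22" }' "$1"
}

# safe_to_restart FILE NEW_PORT [FALLBACK_PORT]
# Return 0 only when both the new port and the fallback port (default 22)
# are active, i.e. a restart cannot lock the administrator out.
# Return 1 if the new port is missing, 2 if the fallback is closed.
safe_to_restart() {
    cfg=$1 new=$2 fallback=${3:-22}
    ports=" $(active_ports "$cfg") "
    case $ports in
        *" $new "*) ;;
        *) echo "new port $new is not configured" >&2; return 1 ;;
    esac
    case $ports in
        *" $fallback "*) ;;
        *) echo "fallback port $fallback is closed" >&2; return 2 ;;
    esac
    return 0
}

# Constructed sample files mirroring the step 2 and step 7 configurations.
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
printf '%s\n' '#' 'Port 22' 'Port 10022' '#AddressFamily any' > "$demo/step2.conf"
printf '%s\n' '#' '# Port 22' 'Port 10022' '#AddressFamily any' > "$demo/step7.conf"

for f in step2 step7; do
    if safe_to_restart "$demo/$f.conf" 10022; then
        verdict="fallback still open"
    else
        verdict="fallback closed"
    fi
    echo "$f: ports=$(active_ports "$demo/$f.conf") ($verdict)"
done
```

On the server, run the check against /etc/ssh/sshd_config and also run `sshd -t`, which tests the file for syntax errors, before restarting the service.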