Edit default CentOS Linux SSH port
Reminder
It's been a while since we published this blog post. Some of the information may be outdated.
Notice: This tutorial ONLY applies to CentOS Linux. The commands will be some slight differences among different Linux-based systems.
CentOS
1. Backup SSH configuration file
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak2. Edit configuration file
vi /etc/ssh/sshd_configTo prevent possible failure to log in due to incorrect updates. We should keep port 22 open until the new port is functionally normal.
# If you want to change the port on a SELinux system, you have to tell
# SELinux about this change.
# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
#
Port 22
Port 10022
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::Then, save the configuration file.
3. Add the new port to the SELINUX firewall
Install SEManage
yum -y install policycoreutils-pythonAdd the new port through SEManage
semanage port -a -t ssh_port_t -p tcp 100224. Accept new SSH port traffic in the firewall
Accept new SSH port traffic
firewall-cmd --permanent --zone=public --add-port=10022/tcpCheck the firewall status
firewall-cmd --state5. Reload the firewall
firewall-cmd --reload6. Restart, then check the SSH service status
systemctl restart sshd
systemctl status sshd
ss -tnlp | grep ssh7. Try to log into the server through the new port. If it works properly, disable the original SSH port.
# If you want to change the port on a SELinux system, you have to tell
# SELinux about this change.America/Phoenix
# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
#
# Port 22
Port 10022
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::8. Restart SSH service
systemctl restart sshd
Comments are disabled.