How To Change SSH Port On CentOS 7

By | 22 October 2018

To change the default SSH port, the first thing you want to do is backup the current SSH configuration on your system. To do that, run the commands below.

cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak

Next, run the commands below to open the default SSH configuration file

sudo vi /etc/ssh/sshd_config

# If you want to change the port on a SELinux system, you have to tell
# SELinux about this change.
# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
#
Port 2244
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

Save the file.

After saving, don’t exit until you’ve completed these steps.

By default, SELinux only allows port 22 for SSH. What you need to do is enable the newly created port through SELinux. To do that, run the commands below

semanage port -a -t ssh_port_t -p tcp 2244

If you run the commands above and get an error that semanage command not found, run the commands below to install it.

yum -y install policycoreutils-python

Then go and run the semange commend again to allow the new port through SELinux.

After that, run the commands below to allow the new port through the firewall.

firewall-cmd --permanent --zone=public --add-port=2244/tcp

Reload the firewall configurations

firewall-cmd --reload

Restart SSH by running the commands below.

systemctl restart sshd.service

Verify that SSH is now running on the new port by running the commands below.

ss -tnlp | grep ssh

Exit and try signing in using the new port number.

ssh root@192.168.0.1 -p 2244

Enjoy!