Forum

Change the ssh port...
 
Notifications
Clear all
1 Posts
1 Users
0 Likes
29.9 K Views
Posts: 108
Topic starter
(@taichi)
Member
Joined: 4 years ago

Locate sshd_config file by typing the following command

$ find / -name "sshd_config" 2>/dev/null
Sample outputs:

/etc/ssh/sshd_config

The find command try to locate sshd server config file named sshd_config. I added the 2&gt/dev/null at the end to hide find command permission denied messages warning/spam.

Edit the file and set Port option

Type the following command:
$ sudo vi /etc/ssh/sshd_config
Locate line that read as follows:
Port 22
OR
#Port 22
To set the port to 2222, enter:
Port 2222
Save and close the file. 

cat /etc/services
less /etc/services
more /etc/services
grep -w '22/tcp' /etc/services
grep SSH /etc/services
grep -w '80/tcp' /etc/services
egrep -w '(80|443|110|53)/tcp' /etc/services

How to Change the SSH Port in Linux
Viewing or choosing a new SSH port number in Linux

A note about SELinux users

You must type the following command to change port to 2222:
# semanage port -a -t ssh_port_t -p tcp 2222

Updating your firewall to accept the ssh port 2222 in Linux

If you are using UFW on a Ubuntu/Debian Linux, type:
$ sudo ufw allow 2222/tcp
The syntax for iptables is as follows
$ sudo /sbin/iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 2222 -j ACCEPT
The syntax for pf firewall is as follows (FreeBSD/OpenBSD/NetBSD Unix) in your pf.conf:
pass log on $ext_if proto tcp to any port 2222 keep state
To open the new port run the following commands on Fedora/CentOS/RHEL/Oracle Linux using FirewallD
$ sudo firewall-cmd --permanent --zone=public --add-port=2222/tcp
$ sudo firewall-cmd --reload

Warning: You must update your firewall settings to accept new port. Otherwise the following command will lock down your ssh access.

Restart the sshd service

Type the following command on a CentOS/RHEL/Fedora Linux:
$ sudo service sshd restart
OR if you are using CentOS/RHEL/Fedora Linux with systemd:
$ sudo systemctl restart sshd
OR if you are using Ubuntu/Debian/Mint Linux:
$ sudo service ssh restart
OR if you are using Ubuntu/Debian/Mint Linux with systemd:
$ sudo systemctl restart ssh
Or if you are using FreeBSD Unix, enter:
$ sudo service sshd restart

How to verify that TCP port 2222 opened

Use the netstat command or ss command:
ss -tulpn | grep 2222
netstat -tulpn | grep 2222

How to use the new SSH port with command line

The syntax is:
ssh -p {port} user@server
sftp -P {port} openssh-server
scp -P {port} source target
scp -P {port} /path/to/foo user@server:/dest/

For example:
ssh -p 2222 [email protected]

Topic Tags
Share: