- Start by opening the
/etc/ssh/sshd_configconfiguration file with nano or your preferred text editor.
$ sudo nano /etc/ssh/sshd_config
- Look for the
#Port 22line. We’ll need to uncomment this line and change the number to our desired port number. For this example, we’ll switch the port number to
From: #Port 22 To: Port 2239
- Save the changes you’ve made to this file and exit. Finish up my reloading the sshd service.
$ sudo systemctl reload sshd
- To make sure everything is working, you can try to SSH on the new port. You’ll need to use the
-poption to instruct the client to use some other port than the default 22.
$ ssh -p 2239 user@localhost
Additional configuration for Ubuntu
- Ubuntu has UFW firewall installed by default. If you’re running UFW firewall and need to allow traffic to the new port, use the command below.
$ sudo ufw allow 2239/tcp
Additional configuration for CentOS
CentOS doesn’t use UFW by default, but if you happen to have it installed, make sure you also use the UFW command above.
CentOS uses SELinux (Security Enhanced Linux module) and firewalld by default. We’ll need to add an exception in order to allow SSH access on the newly configured port.
- First, make sure SELinux is actually enabled. If it’s not, you can skip this entirely.
# sestatus SELinux status: enabled
- Use the semanage utility to add a new port number for SSH.
# semanage port -a -t ssh_port_t -p tcp 2239
- Add the new port to firewalld’s configured zone (“public” by default).
# firewall-cmd --zone=public --add-port=2239/tcp --permanent
- Reload firewalld to finalize the changes.
# firewall-cmd --reload