{"id":13310,"date":"2019-04-01T11:59:21","date_gmt":"2019-04-01T11:59:21","guid":{"rendered":"http:\/\/www.appservgrid.com\/paw92\/?p=13310"},"modified":"2019-04-01T11:59:21","modified_gmt":"2019-04-01T11:59:21","slug":"how-to-change-ssh-port-in-linux","status":"publish","type":"post","link":"https:\/\/www.appservgrid.com\/paw92\/index.php\/2019\/04\/01\/how-to-change-ssh-port-in-linux\/","title":{"rendered":"How to Change SSH Port in Linux"},"content":{"rendered":"

SSH<\/strong>\u00a0or\u00a0Secure Shell<\/strong>\u00a0daemon is a network protocol that is used to perform remotely secured log ins to Linux systems via a secured channel through unsecured networks using strong cryptography.<\/p>\n

One of the most basic utility of SSH protocol is the ability to access Unix shells on remote Linux machines and execute commands. However, SSH protocol can offer other implementations, such as the ability to create secured TCP tunnels over the protocol,\u00a0to remotely and securely transfer files<\/a>\u00a0between machines or to act as a FTP like service.<\/p>\n

The standard port used by SSH service is\u00a022\/TCP<\/strong>. However, you might want to change SSH default port in your Linux server, in order to achieve some kind of security through obscurity because the standard\u00a022\/TCP<\/strong>\u00a0port is continuously targeted for vulnerabilities by hackers and bots in internet.<\/p>\n

To change SSH service default port in Linux, first you need to open the main SSH daemon configuration file for editing with your favorite text editor by issuing the below command and make the following changes.<\/p>\n

# vi \/etc\/ssh\/sshd_config\r\n<\/pre>\n
In\u00a0sshd_config<\/strong>\u00a0file, search and comment the line that begins with\u00a0Port 22<\/strong>, by adding a hashtag\u00a0(#)<\/code>\u00a0in front of the line. Below this line, add a new port line and specify your desired port to bind SSH.<\/p>\n
In this example, we\u2019ll configure SSH service to bind and listen on port\u00a034627\/TCP<\/strong>. Make sure you choose a random port, preferably higher than\u00a01024<\/strong>\u00a0(the superior limit of standard well-known ports). The maximum port that can be setup for for SSH is\u00a065535\/TCP<\/strong>.<\/p>\n
#Port 22\r\nPort 34627\r\n<\/pre>\n
\n
\"Change<\/a><\/p>\n
Change SSH Port in Linux<\/p>\n<\/div>\n
After you\u2019ve made the above changes, restart the SSH daemon to reflect changes and issue\u00a0netstat<\/a>\u00a0or\u00a0ss command<\/strong>\u00a0to confirm that SSH service listens on the new TCP port.<\/p>\n
# systemctl restart ssh\r\n# netstat -tlpn| grep ssh\r\n# ss -tlpn| grep ssh\r\n<\/pre>\n
In\u00a0CentOS<\/strong>\u00a0or\u00a0RHEL<\/strong>\u00a0Linux based distributions, install\u00a0policycoreutils<\/strong>\u00a0package and add the below rules to relax SELinux policy in order for the SSH daemon to bind on the new port.<\/p>\n
# yum install policycoreutils\r\n# semanage port -a -t ssh_port_t -p tcp 34627\r\n# semanage port -m -t ssh_port_t -p tcp 34627\r\n# systemctl restart sshd\r\n# netstat -tlpn| grep ssh\r\n# ss -tlpn| grep ssh\r\n<\/pre>\n
\n
\"Verify<\/a><\/p>\n
Verify SSH New Port<\/p>\n<\/div>\n
Also, don\u2019t forget to update the firewall rules specific for your own installed Linux distribution in order to allow incoming connections to be established on the new added SSH port.<\/p>\n
Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
SSH\u00a0or\u00a0Secure Shell\u00a0daemon is a network protocol that is used to perform remotely secured log ins to Linux systems via a secured channel through unsecured networks using strong cryptography. One of the most basic utility of SSH protocol is the ability to access Unix shells on remote Linux machines and execute commands. However, SSH protocol can … <\/p>\n
Continue reading “How to Change SSH Port in Linux”<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-13310","post","type-post","status-publish","format-standard","hentry","category-linux"],"_links":{"self":[{"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/posts\/13310","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/comments?post=13310"}],"version-history":[{"count":1,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/posts\/13310\/revisions"}],"predecessor-version":[{"id":13312,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/posts\/13310\/revisions\/13312"}],"wp:attachment":[{"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/media?parent=13310"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/categories?post=13310"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/tags?post=13310"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}