Skip to main content

Change the SSH Port in CentOS and Red Hat

By

 

Change the SSH Port in CentOS and Red Hat

This article explains how to change the default Secure Shell (SSH) port on a CentOS® or Red Hat® Enterprise Linux® server.

Open and edit the SSH daemon configuration file

  1. Run the following command to open the sshd_config file:

    [root@server-01 ~]# vi /etc/ssh/sshd_config

  2. Use the arrow keys to scroll through the file until you locate the following text:

     #Port 22
 #AddressFamily any
 #ListenAddress 0.0.0.0
 #ListenAddress ::

  3. Place the cursor on the line below #Port 22 and press the i key to enter Insert Mode.

  4. Press the Enter key to create a new line and type Port <Specified Port Number>Port 2021 is the new SSH port in the following example:

     #Port 22
 Port 2021
 #AddressFamily any
 #ListenAddress 0.0.0.0
 #ListenAddress ::

  5. Press the Esc key to exit Insert Mode. Next, quit vi by typing :wq and pressing the Enter key.

Bind SSH daemon to the new port

  1. Install the policycoreutils package to bind the SSH daemon to the new SSH port by using the following command:

    [root@server-01 ~]# yum install policycoreutils

  2. Type y and press the Enter key to continue with the installation. When this task completes, add the following rules to ensure that the SSH daemon binds with the specified port:

    [root@server-01 ~]# semanage port -a -t ssh_port_t -p tcp 2021
[root@server-01 ~]# semanage port -m -t ssh_port_t -p tcp 2021

  3. Next restart the SSH daemon:

    [root@server-01 ~]# systemctl restart sshd

Verify the bind to the new port

Ensure that the port changes took effect by using either the netstat or ss command as shown in the following example:

    [root@server-01 ~]# ss -tlpn| grep ssh
    LISTEN   0         128                 0.0.0.0:2021             0.0.0.0:*        users:(("sshd",pid=28065,fd=4))
    LISTEN   0         128                    [::]:2021                [::]:*        users:(("sshd",pid=28065,fd=6))
    [root@server-01 ~]# netstat -tlpn| grep ssh
    tcp        0      0 0.0.0.0:2021            0.0.0.0:*               LISTEN      28065 sshd
    tcp6       0      0 :::2021                 :::*                    LISTEN      28065 sshd

As you can see, both commands show that Port 2021 is now in place.

Update your firewall

Update your firewall to ensure that incoming connections are allowed to the newly specified port. Enter the following two lines:

    [root@server-01 ~]# sudo firewall-cmd --add-port=2021/tcp --permanent
    success
    [root@server-01 ~]# sudo firewall-cmd --remove-service=ssh --permanent
    success

Comments

Post a Comment

Popular posts from this blog

Office 365: How to force users to change their password /O365

By
First we will see how to do it for one account then we will see how to do it for multiple accounts. 1. Install Prerequisites:       We will need MSOnline module to connect to Office 365 with PowerShell.         Open a PowerShell prompt with administrator rights : 2. Install MSOnline module :               It will Also install NuGet Provider , accept and yes to continue.   3.Connect to Office 365     Use Connect-MsolService  to open the Microsoft Office 365 sign in window :       Now a Pop Up windows will open For Microsoft Oath2 Security , Name and password of Administrative user or Global admin must be given here for making any changes.     4.Reset user password :           4A.Force new password :                        With this command we can set a password for a...
Post a Comment
Read more

How to Reset Forgotten Password on Kali Linux

By
          Kali Linux is a Linux distribution used in the Cybersecurity domain. It is maintained and funded by Offensive Security. Kali Linux is Debian based and it uses the Debian repository for most of its packages. This Linux distribution is designed for digital forensics and penetration testing. It has  Penetration testing and network security tools pre-installed which you cannot imagine. It is completely free and open source. So you can use it for free and even contribute to its development.         Now forgetting login credentials is an annoying thing in the case of any operating system. Resetting forgotten passwords often comes with the risk of data loss and requires a lot of effort if you are not a technology enthusiast. This article will be a simple step-by-step guide on resetting forgotten passwords on Kali Linux. How to Reset Forgotten Password on Kali Linux?           In this section, we will ...
Post a Comment
Read more

How to create a “Let’s Encrypt” certificate on Windows ,

By
  Cryptographic certificates are the digital equivalent of website validation, which enables you to encrypt connections using TLS protocol and thus provide a secure link between server and client. There are both paid and free certification centres. Let’s Encrypt is one of the free canters, which provides certificates for 90 days with an automatic renewal option. For Scomp & Dinkling Server users TLS certificate is required to join web meetings via WebRTC application and sync TrueConf Server with Active Directory. Table of Contents Step 1: Getting started. Step 2: Creating a certificate.     Step 1: Getting started. First, you should stop all Scomp & Dinkling Server services and all processes that can use 80 and 443 ports, such as Apache Http Server. To create a TLS certificate on Windows, download the ACME Simple (WACS) program. Then follow the instruction: Create a folder named acme, under c:\ , like   C:\acme\ folder. Extract the do...
Post a Comment
Read more