≡ Menu

CentOS Linux 5/6: Change OpenSSH Port Number

I am a new CentOS Linux user. How do I change default sshd tcp port # 22 to 2022 on CentOS Linux version 5/6?

You can set or specifies the port number that sshd server listens on. The default is TCP port # 22.

Syntax: Change SSH port on a CentOS Linux

You can use any one of the following option in /etc/ssh/sshd_config file:

Port PortNumberHere

ListenAddress IPv4Address:Port
ListenAddress IPv6Address:Port
ListenAddress Hostname:Port

If Port is not specified, sshd will listen on the address and all prior Port options specified. The default is to listen on all local IP addresses. Multiple ListenAddress options are aloowed in sshd_config.

Run ssh on a non-standard port # 2022 using Port option

Edit /etc/ssh/sshd_config, enter:
# vi /etc/ssh/sshd_config
Edit/Append as follows to set Port to 2022:
Port 2022
Save and close the file.

CentOS run ssh on a non-standard port # 2022 using ListenAddress option

Note: If you have multiple IP address on the server, try ListenAddress as follows :

## bind sshd to two ip address on a non-standard port ##

Save and close the file.

Reload SSHD service

Before you restart or reload sshd server. You need to update:

  1. SELinux configuration
  2. Firewall settings
  3. fail2ban settings

A note about OpenSSH SELinux user

If you are using SELinux, add tcp port # 2022 to port contexts for OpenSSH server:
# semanage port -a -t ssh_port_t -p tcp 2022

Update firewall settings

You also need to update firewall settings so that users can login using TCP # 2022. Edit, ssh command?

The syntax is:

ssh -p PortNumberHere user@server-name-here 
ssh -p PortNumberHere user@server-name-here commandNameHere
ssh -p 2022 nixcraft@
ssh -p 2022 nixcraft@ df

How do I connect to ssh server on port # 2022 using scp command?

The syntax is:

scp -P PortNumberHere source user@server-name-here:/path/to/dest
scp -P 2022 resume.pdf nixcraft@nas01:/backups/personal/nixcraft/files/

How do I connect to ssh server on port # 2022 using sftp command?

The syntax is:

sftp -P PortNumberHere user@server-name-here 
sftp -P 2022 nixcraft@

How do I connect to ssh server on port # 2022 using rsync command?

The syntax is as follows to change SSH port number with rsync command:

sync -av -e 'ssh -p PORT-NUMBER-HERE' source user@server-name

So to backup /home/vivek to server1.nixcraft.net.in at port number 2022, enter:

rsync -av -e 'ssh -p 2022' /home/vivek/ backupop@server1.nixcraft.net.in

I also suggest that you can update your /.ssh/config ($HOME/.ssh/config) fileto overrides the Port settings. This will save you some time whenever you use ssh/scp/sftp command.

See also
  1. RHEL/Red Hat Change SSH Port
  2. Man pages: sshd(8), sshd_config(5)
Share this tutorial on:

Your support makes a big difference:
I have a small favor to ask. More people are reading the nixCraft. Many of you block advertising which is your right, and advertising revenues are not sufficient to cover my operating costs. So you can see why I need to ask for your help. The nixCraft, takes a lot of my time and hard work to produce. If you use nixCraft, who likes it, helps me with donations:
Become a Supporter →    Make a contribution via Paypal/Bitcoin →   

Don't Miss Any Linux and Unix Tips

Get nixCraft in your inbox. It's free:

{ 7 comments… add one }
  • Sunil Bhoi January 21, 2014, 10:14 pm


    Nice post.
    Before changing the SSH port for any server add IP of your local machine to allow list. Because there is chances to lost ssh connection to remote machine.

    Sunil Bhoi.

  • Jalal Hajigholamali January 22, 2014, 5:37 am

    Thanks for nice article

  • Shekhar July 21, 2014, 11:38 am


    Can we use different SSH Ports for different SSH Services:
    1. 22 port only for SSH Login with password
    2. 222 port only when we have ssh-keys
    3. 2222 port only for sftp

    Thanks for nice tutorial

  • Eli October 26, 2015, 10:24 pm

    What is SSH?

  • wiserweb December 14, 2015, 11:19 pm

    Hi Vivek,

    If you change your port and you use fail2ban you have to update the rules as follows. If you don’t update your rules fail2ban will give an error (fail2ban.actions.action: CRITICAL Unable to restore environment) and stop protecting your entire server.

    On Debian/Ubuntu the rules file to edit is located here:


    Notice the ssh-[port] syntax below that must be used for the port directive for [ssh] jail. Following the example above of using port 2022, the new rules would be updated to the following:

    enabled  = true
    port     = ssh-2022
    filter   = sshd
    logpath  = /var/log/auth.log
    maxretry = 2
    enabled  = enable
    port     = ssh-2022
    filter   = sshd-ddos
    logpath  = /var/log/auth.log
    maxretry = 6

    Might be good if you update the article with this information for the benefit of your readers.

    • Vivek Gite December 14, 2015, 11:45 pm

      @wiserweb: thanks for the heads up. I’ve updated the faq to include your comment.

  • Sagar S March 7, 2016, 8:43 pm

    How do I change default ssh22 to 2022 or any other port?

    Steps I did:
    1.Change SSH default port with /etc/ssh/sshd_config

    2.Added the following commands to run
    iptables -A INPUT -p tcp –dport 22 -j ACCEPT
    iptables -A INPUT -p tcp –dport 80 -j ACCEPT
    iptables -A INPUT -p tcp –dport 443 -j ACCEPT
    iptables -A INPUT -p tcp –dport 110 -j ACCEPT
    iptables -A INPUT -p tcp –dport 465 -j ACCEPT
    iptables -A INPUT -p tcp –dport 143 -j ACCEPT
    iptables -A INPUT -p tcp –dport 993 -j ACCEPT
    iptables -A INPUT -p tcp –dport 587 -j ACCEPT
    iptables -A INPUT -p tcp –dport 25 -j ACCEPT
    iptables -A INPUT -p tcp –dport 995 -j ACCEPT
    iptables -A INPUT -m state –state RELATED,ESTABLISHED -j ACCEPT
    iptables -A INPUT -j REJECT
    iptables -A FORWARD -j REJECT

    3.Saved the iptables

    4.Updated firewall settings for new port by
    deleting this
    iptables -A INPUT -p tcp –dport 22 -j ACCEPT
    adding this
    -A INPUT -m state –state NEW -m tcp -p tcp –dport 2022 -j ACCEPT

    4.Restarted iptables

    5.Restarted ssh service

    Then if I try to login using 22ssh it gives me connection timeout.
    The same I try to do with 2022ssh it also gives me connection timeout.

    Kindly help.

    Much Thanks in advance.

Security: Are you a robot or human?

Leave a Comment

You can use these HTML tags and attributes: <strong> <em> <pre> <code> <a href="" title="">

   Tagged with: , , , ,