RHEL 6: Change OpenSSH Port To 1255 ( SELinux Config )

Posted on in Categories last updated May 13, 2011

I’ve edited /etc/ssh/sshd_config to change the port number:

Port 1255

However, I’m getting an error as follows:

sshd[26792]: error: Bind to port 1255 on 192.168.1.100 failed: Permission denied

How do I change default OpenSSH port number from 22 to 1255 under RedHat Enterprise Linux server version 6 and SELinux?

By default SELinux only allows port number 22. To display current port contexts, enter:
# semanage port -l | grep ssh
Sample outputs:

ssh_port_t                     tcp      22

To add port 1255 to port contexts, enter:
# semanage port -a -t ssh_port_t -p tcp 1255
You can verify new settings, enter:
# semanage port -l | grep ssh
Sample outputs:

ssh_port_t                     tcp      1255,22

Finally, reload or restart the OpenSSH server, enter:
# /sbin/service sshd reload
Verify, sshd is listing on TCP port # 1255, enter:
# netstat -tulpn | grep 1255

8 comment

  1. If you’re changing the port to 1255, you should really remove the allow statement for port 22.
    semanage port -d -t ssh_port_t -p tcp 22

  2. I’m on CentOS 6.2, and I can’t remove Port 22 as per the instructions above — SElinux complains that port 22 is part of the ‘policy’ and can’t be removed. How do I fix this?

Leave a Comment