You can set or specifies the port number that sshd server listens on. The default is TCP port # 22, but can be changed using any one of the following option in sshd_config file:
| Tutorial details | |
|---|---|
| Difficulty | Easy (rss) |
| Root privileges | Yes |
| Requirements | None |
| Time | 5m |
Syntax: Change SSH port on a RHEL
Port PortNumberHere
OR
ListenAddress IPv4Address:Port
ListenAddress IPv6Address:Port
ListenAddress Hostname:Port
Change ssh port to a non-standard port # 2022 using Port option
Edit /etc/ssh/sshd_config, enter:
# vi /etc/ssh/sshd_config
Edit/Append as follows to set Port to 2022:
Port 2022
Save and close the file.
RHEL run ssh on a non-standard port # 2022 using ListenAddress option
Note: If you have multiple IP address on the server, try ListenAddress as follows :
## bind sshd to two ip address on a non-standard port ## ListenAddress 192.168.1.5:2022 ListenAddress 203.1.2.3:2022
Save and close the file.
Reload SSHD service on a REHL based system
Before you restart or reload sshd server. You need to update the following services on RHEL:
- SELinux configuration
- Firewall settings
Update OpenSSH SELinux settings on a Red Hat Linux
If you are using SELinux, add tcp port # 2022 to port contexts for OpenSSH server:
# semanage port -a -t ssh_port_t -p tcp 2022
Update firewall settings on a Red Hat/CentOS Linux
You also need to update firewall settings so that users can login using TCP # 2022. Edit, /etc/sysconfig/iptables and open sshd port 2022:
# vi /etc/sysconfig/iptables
Edit/append as follows:
## delete or comment out port 22 line ## ## -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT ## open port 2022 -A INPUT -m state --state NEW -m tcp -p tcp --dport 2022 -j ACCEPT
Save and close the file. If you are using IPv6, edit /etc/sysconfig/ip6tables file too. Next, stop the firewall so that you will not loos the connectivity to the server:
# service iptables stop
# service ip6tables stop
Restart sshd on a RHEL based system
Type the following command to restart / reload SSHD service:
# service sshd reload
Verify new port settings with the following netstat command:
# netstat -tulpn | grep sshd
Finally, star the firewall on a Red Hat enterprise Linux:
# service iptables start
## IPv6 ##
# service ip6tables start
How do I connect to ssh server on port # 2022 using ssh/sftp/scp/rsync commands?
The syntax is as follows for ssh command:
ssh -p PortNumberHere user@server-name-here ssh -p PortNumberHere user@server-name-here commandNameHere
The syntax is as follows for scp or sftp command:
scp -P PortNumberHere source user@server-name-here:/path/to/dest
OR
sftp -P PortNumberHere user@server-name-here
The syntax is as follows to change SSH port number with rsync command:
sync -av -e 'ssh -p PORT-NUMBER-HERE' source user@server-name
Alternatively, you can update /.ssh/config or $HOME/.ssh/config file to overrides the Port settings. This will save you some time as you do not need to type port and other options each time you use ssh/scp/sftp command.
See also
- CentOS Linux Change SSH Port
- Man pages: sshd_config(5)
🐧 Get the latest tutorials on Linux, Open Source & DevOps via:
- RSS feed or Weekly email newsletter
- Share on Twitter • Facebook • 2 comments... add one ↓
| Category | List of Unix and Linux commands |
|---|---|
| File Management | cat |
| Firewall | Alpine Awall • CentOS 8 • OpenSUSE • RHEL 8 • Ubuntu 16.04 • Ubuntu 18.04 • Ubuntu 20.04 |
| Network Utilities | dig • host • ip • nmap |
| OpenVPN | CentOS 7 • CentOS 8 • Debian 10 • Debian 8/9 • Ubuntu 18.04 • Ubuntu 20.04 |
| Package Manager | apk • apt |
| Processes Management | bg • chroot • cron • disown • fg • jobs • killall • kill • pidof • pstree • pwdx • time |
| Searching | grep • whereis • which |
| User Information | groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w |
| WireGuard VPN | Alpine • CentOS 8 • Debian 10 • Firewall • Ubuntu 20.04 |
There is a typo in “Update firewall settings on a Red Jat Linux”
Thanks for the heads up!