≡ Menu

Red Hat Linux (RHEL) 5/6: Change OpenSSH Port Number

I am a new Red Hat Enterprise Linux server sysadmin. How do I change default sshd tcp port # 22 to 3033 on RHEL v5/6? How do I modify SELinux to allow port 3033 and how do I saftly update firewall on RHEL to allow tcp port # 3033? How do I change ssh port on Redhat Linux operating system?

You can set or specifies the port number that sshd server listens on. The default is TCP port # 22, but can be changed using any one of the following option in sshd_config file:


Syntax: Change SSH port on a RHEL

Port PortNumberHere

OR
ListenAddress IPv4Address:Port
ListenAddress IPv6Address:Port
ListenAddress Hostname:Port

Change ssh port to a non-standard port # 2022 using Port option

Edit /etc/ssh/sshd_config, enter:
# vi /etc/ssh/sshd_config
Edit/Append as follows to set Port to 2022:
Port 2022
Save and close the file.

RHEL run ssh on a non-standard port # 2022 using ListenAddress option

Note: If you have multiple IP address on the server, try ListenAddress as follows :

## bind sshd to two ip address on a non-standard port ##
ListenAddress 192.168.1.5:2022
ListenAddress 203.1.2.3:2022

Save and close the file.

Reload SSHD service on a REHL based system

Before you restart or reload sshd server. You need to update the following services on RHEL:

  1. SELinux configuration
  2. Firewall settings

Update OpenSSH SELinux settings on a Red Hat Linux

If you are using SELinux, add tcp port # 2022 to port contexts for OpenSSH server:
# semanage port -a -t ssh_port_t -p tcp 2022

Update firewall settings on a Red Hat/CentOS Linux

You also need to update firewall settings so that users can login using TCP # 2022. Edit, ssh/sftp/scp/rsync commands?

The syntax is as follows for ssh command:

ssh -p PortNumberHere user@server-name-here 
ssh -p PortNumberHere user@server-name-here commandNameHere

The syntax is as follows for scp or sftp command:

scp -P PortNumberHere source user@server-name-here:/path/to/dest

OR

sftp -P PortNumberHere user@server-name-here

The syntax is as follows to change SSH port number with rsync command:

sync -av -e 'ssh -p PORT-NUMBER-HERE' source user@server-name

Alternatively, you can update /.ssh/config or $HOME/.ssh/config file to overrides the Port settings. This will save you some time as you do not need to type port and other options each time you use ssh/scp/sftp command.

See also
  1. CentOS Linux Change SSH Port
  2. Man pages: sshd(8), sshd_config(5)

Sysadmin because even developers need heroes!!!

Share this tutorial on:
{ 2 comments… add one }
  • Joe August 25, 2016, 6:17 am

    There is a typo in “Update firewall settings on a Red Jat Linux”

Security: Are you a robot or human?

Leave a Comment

You can use these HTML tags and attributes: <strong> <em> <pre> <code> <a href="" title="">


   Tagged with: , , , ,