Linux Change SSH Port (CentOS, AlmaLinux, Rocky, Ubuntu, Debian, etc)
Changing the SSH port from the default 22 is a good idea for a few reasons, and it will cut out the majority of bots trying to connect and keep your logs cleaner.
1. Edit the /etc/ssh/sshd_config file with your preferred text editor.
nano /etc/ssh/sshd_config
2. Find the line that has "port 22" and un-comment the line, then change 22 to the port you wish to use.
Change:
port 22
To:
port 1234
Save the file. (With nano editor, press CTRL + X then Y to overwrite.)
If you want to change the port on a SELinux system, you have to tell SELinux about this change.
semanage port -a -t ssh_port_t -p tcp 1234
3. If you use iptables or the standard Linux firewall, add a rule to allow traffic to the new SSH port. (If your firewall is empty, no need.)
Ubuntu/Debian:
ufw allow 1234
CentOS/Fedora with firewalld:
firewall-cmd --permanent --zone=public --add-port=1234/tcp
firewall-cmd --reload
with iptables
iptables -A INPUT -p tcp --dport 1234 -j ACCEPT
iptables -A OUTPUT -p tcp --sport 1234 -j ACCEPT
4. Restart the ssh service:
CentOS/Fedora/RHEL:
systemctl restart sshd or service sshd restart
Ubuntu/Debian:
systemctl restart ssh or service ssh restart
or full restart
reboot
Last edited: