In this tutorial, we will show you how to change the default ssh port on CentOS system. For those of you who didn’t know, SSH is a program and protocol for securely connecting to remote machines across a network. It allows you to run programs, and do a variety of tasks as if you were sitting at the machine. SSH is very similar to telnet except it is with encryption to protect the transferred information and authentication.
The Secure Shell (SSH) Protocol by default uses port 22. Accepting this value does not make your system insecure, nor will changing the port provide a significant variance in security. However, changing the default SSH port will stop many automated attacks and a bit harder to guess which port SSH is accessible from
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The tutorial is quite simple. I will show you the step-by-step change of the default SSH port on the CentOS system.
Change SSH Port in CentOS
Step 1. Log into your server as the root user.
Step 2. Open our SSH configuration.
Edit the line which states ‘Port 22’. Choose an appropriate port, also making sure it not currently used on the system.
# What ports, IPs and protocols we listen for Port 922
Once you have the change done, simply exit and save the sshd_conf file. Now all you need to run is the below command and it will restart the SSH server. The next time you want to connect via SSH, you will need to do so on your new port, in our case, 922:
systemctl restart sshd.service
Verify SSH is listening on the new port by connecting to it. Note how the port number now needs to be declared:
ssh firstname.lastname@example.org -p 922
Step 3. Configure IPTables and Firewall.
- CentOS 6
After you are finished configuring SSH, you will need to add the port to iptables as well as your installed firewall:
iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 922 -j ACCEPT
- CentOS 7/8
Run the following command to set up FirewallID:
sudo firewall-cmd --add-port 922/tcp --permanent sudo firewall-cmd --add-port 922/tcp sudo firewall-cmd --reload
Congratulations! You have successfully change the default SSH port. Thanks for using this tutorial to change the OpenSSH port number on CentOS 8 systems.