It’s a good idea to change the default SSH port since the standard 22/TCP port is continuously targeted for vulnerabilities by hackers and bots in internet.
To change SSH service default port in Linux, first you need to open the main SSH daemon configuration file for editing with your favorite text editor by issuing the below command and make the following changes.
In sshd_config file, search and comment the line that begins with Port 22 (it might be already commented out), by adding a hashtag
(#) in front of the line. Below this line, add a new port line and specify your desired port to bind SSH.
In the example above we specified that we would like sshd to use port 34627 rather then port 22.
Now restart the service:
service sshd restart or systemctl restart sshd
In CentOS or RHEL Linux based distributions, install policycoreutils package and add the below rules to relax SELinux policy in order for the SSH daemon to bind on the new port.
# yum install policycoreutils # semanage port -a -t ssh_port_t -p tcp 34627 # semanage port -m -t ssh_port_t -p tcp 34627 # systemctl restart sshd
Also, don’t forget to update the firewall rules specific for your own installed Linux distribution in order to allow incoming connections to be established on the new added SSH port.