In order to change your ssh port you need to “allow” it in SELinux:
1. Install the package that provides the “semanage” command:
yum install policycoreutils-python
2. List all ports allowed for the ssh daemon:
semanage port -l | grep ssh
3. As you haven’t modified anything, you shouldn’t see your port.
Now add your port:
semanage port -a -t ssh_port_t -p tcp your_port_number
If you are using a port that is well known for another program (that is, already defined in the SELinux policy under another type), use -m to modify the existing entry instead of -a:
semanage port -m -t ssh_port_t -p tcp well_known_port
4. Verify it’s allowed now:
semanage port -l | grep ssh
5. Edit your sshd config to listen on that port (Port 443, for example). Note that ssh supports listening on multiple ports:
vi /etc/ssh/sshd_config
- Find this line
#Port 22
Change to your chosen port, and remove the comment ( # sign )
Port 9999
- Restart the SSH service.
service sshd reload
- Now we must allow incoming data on the new port. Open your WHM >> Plugins >> CSF.
- Click the “Firewall Configuration” button.
- Add your new port in “TCP_IN” and “TCP_OUT”.
- Click the “Change” button at the bottom of the page.
- You will be asked to restart CSF & LFD. Do it.
- It’s done
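A check worth running before the sshd reload, as an added example that is not part of the original post: it compares the active Port lines in an sshd_config with the ssh_port_t entries from "semanage port -l" and reports any port SELinux would still refuse. The function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): find sshd ports lacking ssh_port_t.

# Print each active (uncommented) Port value from an sshd_config file ($1).
sshd_ports() {
    awk 'tolower($1) == "port" { print $2 }' "$1"
}

# Read `semanage port -l` output on stdin; succeed if tcp port $1 is listed
# under ssh_port_t, either as a single entry or inside a range such as 9000-9010.
port_is_ssh_labeled() {
    awk -v want="$1" '
        $1 == "ssh_port_t" && $2 == "tcp" {
            for (i = 3; i <= NF; i++) {
                p = $i; sub(/,$/, "", p)
                n = split(p, r, "-")
                lo = r[1] + 0; hi = (n == 2 ? r[2] : r[1]) + 0
                if (want + 0 >= lo && want + 0 <= hi) found = 1
            }
        }
        END { exit(found ? 0 : 1) }'
}

# Print the ports from config file $1 that the listing in file $2 does not label.
unlabeled_ports() {
    for port in $(sshd_ports "$1"); do
        port_is_ssh_labeled "$port" < "$2" || echo "$port"
    done
}

# Constructed sample input (hypothetical files, not taken from a real host).
demo_dir=$(mktemp -d)
cat > "$demo_dir/sshd_config" <<'EOF'
#Port 22
Port 9999
Port 443
EOF
cat > "$demo_dir/ports.txt" <<'EOF'
SELinux Port Type              Proto    Port Number
http_port_t                    tcp      80, 81, 443, 488, 8008, 8009, 8443, 9000
ssh_port_t                     tcp      9999, 22
EOF
missing=$(unlabeled_ports "$demo_dir/sshd_config" "$demo_dir/ports.txt")
echo "sshd ports without an ssh_port_t label: ${missing:-none}"
```

On a real host, save the output of "semanage port -l" to a file and pass /etc/ssh/sshd_config as the first argument. Running "sshd -t" beforehand also catches syntax errors in the config, and keeping the current session open until a new login on the new port succeeds avoids a lockout.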
Originally posted on December 1, 2017 @ 12:06 am