This tutorial intends to teach you How To Change the SSH port on Rocky Linux.
The port number for SSH is 22 by default. Whenever we run a command through the default SSH port number 22, a connection is established between the client and server. Every connection initializes through this port.
Changing the default SSH port adds an extra layer of security to our server by reducing the risk of automated attacks. When we switch this port to some other, then the hacker has to try several other ports to ultimately find an open port. Therefore, to put any hacker out of bounds, we better change it.
Change SSH port on Rocky Linux
To change your default SSH port, you have to edit the sshd_config file. Besides, it is always a good option to keep a backup of your file. To do this, run the command below:
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
This command creates a new file named sshd_config.bak with the current settings of the sshd_config file. If something goes wrong, you can then restore the file from the backup.
Then, open your sshd_config file with your favorite text editor, here we use vi:
sudo vi /etc/ssh/sshd_config
In the file, you will see the contents of the sshd_config file.
Find the “Port” line and it should look like this:
At this point, you need to change the port value to another value. Here we change the ssh port to 6842.
Also, you need to remove the # character from the beginning of the port line to use this line as an active operating command on the server.
When you are finished, save and close the file.
Next, you need to run the semanage command as shown below to complete your task:
sudo semanage port -a -t ssh_port_t -p tcp 6842
Note: If you are facing an error that the semanage command is not found, you can visit this guide on How to Fix ‘semanage command’ Not Found Error on Rocky Linux.
Now you need to configure your firewall.
Configure Firewall to Allow New SSH Port on Rocky Linux
At this point, you must allow the new SSH port through the firewall. To do this, run the command below:
sudo firewall-cmd --permanent --zone=public --add-port=6842/tcp
Then, reload the firewall to apply the new rules:
sudo firewall-cmd --reload
Restart SSH by running the command below:
sudo systemctl restart sshd.service
Verify that SSH is now running on the new port on Rocky Linux by running the command below:
ss -tnlp | grep ssh
Output LISTEN 0 128 0.0.0.0:6842 0.0.0.0:* users:(("sshd",pid=14635,fd=4)) LISTEN 0 128 [::]:6842 [::]:* users:(("sshd",pid=14635,fd=6))
Exit and try signing in using the new port number.
ssh [email protected]ip-address -p 6842
That’s it. You are done.
At this point, you learn to Change the SSH port on Rocky Linux.
Hope you enjoy it.