Begin by opening the configuration file with your text editor as root:
# nano /etc/ssh/sshd_config
The first option that you may want to change is the port that SSH runs on. Find the line that looks like this:
Change this to a different port
# systemctl reload sshd.service
After saving, don’t exit until you’ve completed these steps.
By default, SELinux only allows port 22 for SSH. What you need to do is enable the newly created port through SELinux. To do that, run the commands below
# sudo semanage port -a -t ssh_port_t -p tcp 2244
If you run the commands above and get an error that semanage command not found, run the commands below to install it.
# sudo yum -y install policycoreutils-python
Then go and run the semange commend again to allow the new port through SELinux.
In CentOS or RHEL Linux based distributions, install policycoreutils package and add the below rules to relax SELinux policy in order for the SSH daemon to bind on the new port.
# yum install policycoreutils # semanage port -a -t ssh_port_t -p tcp 34627 # semanage port -m -t ssh_port_t -p tcp 34627 # systemctl restart sshd # netstat -tlpn| grep ssh # ss -tlpn| grep ssh
After that, run the commands below to allow the new port through the firewall.
# sudo firewall-cmd --permanent --zone=public --add-port=2244/tcp
Reload the firewall configurations
# sudo firewall-cmd --reload
Restart SSH by running the commands below.
# sudo systemctl restart sshd.service