Change Default SSH Port in Gentoo Linux

Description

If you need, for whatever reason, to change the port you use to ssh into your Linux system, it's really easy to do. This small tutorial shows how to do it on Gentoo Linux specifically, but it should be similar on other Linux distributions. Note: You don't have to use port 222, which is sometimes used for rsh-spx. Feel free to use any port that isn't already in use on your server.

Step 1: Open the ssh configuration file

su
vim /etc/ssh/sshd_config

Step 2: Change the port

Port 22
Port 222
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

I use both port 22 and 222, which tells the ssh daemon to listen for connections on those two ports. If you want sshd to stop listening on port 22 altogether, remove the Port 22 line. Port 222 is just a random unofficial port that can be used. For a complete list of ports, check the ports wiki.

Step 3: Restart ssh daemon

/etc/init.d/sshd restart

Step 4: Make sure port 222 is open

Run an nmap command to discover if the port is open.

nmap -p 222 server_name

My port is blocked by iptables, so I need to edit my firewall rules and reload iptables. I keep my firewall rules in a text file, so I only have to update that file and load it into iptables, instead of continually editing iptables directly and losing track of what is going on.

vim /system/configuration/firewall.txt

firewall.txt

-A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT 
-A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 139 -j ACCEPT 
#-A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 222 -j ACCEPT 
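-A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 902 -j ACCEPT

The rule for port 222 is shown commented out above; remove the leading # so the port is accepted, then load the file into iptables:

/etc/init.d/fail2ban stop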
iptables-restore < /system/configuration/firewall.txt
/etc/init.d/iptables save
/etc/init.d/fail2ban start
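
The mismatch found in Step 4 (sshd listening on a port that the firewall file does not accept) can be caught before restarting anything. The script below is an added example, not part of the original tutorial; the function names and the sample files are constructed, and it assumes rules written in the single-port --dport form used in firewall.txt.

```shell
#!/bin/sh
# Added example: list sshd ports that the firewall rules file does not accept.

# Active Port values in an sshd_config (keywords are case-insensitive;
# sshd listens on 22 when no Port line is set). "#Port" lines never match.
sshd_ports() {
    ports=$(awk 'tolower($1) == "port" { print $2 }' "$1")
    if [ -n "$ports" ]; then printf '%s\n' "$ports"; else echo 22; fi
}

# Succeed if file $1 has an active "-A INPUT ... --dport $2 ... -j ACCEPT" rule.
# Commented rules ("#-A ...") fail the $1 == "-A" test and are ignored.
# Assumption: single-port --dport rules only (no ranges or multiport).
port_allowed() {
    awk -v p="$2" '
        $1 == "-A" && $2 == "INPUT" {
            dport = ""; accept = 0
            for (i = 3; i < NF; i++) {
                if ($i == "--dport") dport = $(i + 1)
                if ($i == "-j" && $(i + 1) == "ACCEPT") accept = 1
            }
            if (dport == p && accept) found = 1
        }
        END { exit !found }
    ' "$1"
}

# Print each configured sshd port with no ACCEPT rule (no output = consistent).
blocked_ports() {
    for port in $(sshd_ports "$1"); do
        port_allowed "$2" "$port" || echo "$port"
    done
}

# Constructed sample files modelled on the tutorial's excerpts (the port 22
# rule is assumed; the tutorial's excerpt does not show one).
write_sample() {
    printf 'Port 22\nPort 222\n#AddressFamily any\n' > "$1/sshd_config"
    cat > "$1/firewall.txt" <<'EOF'
-A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
#-A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 222 -j ACCEPT
EOF
}

# Usage: sh check.sh /etc/ssh/sshd_config /system/configuration/firewall.txt
if [ "$#" -eq 2 ]; then blocked_ports "$1" "$2"; fi
```

On the constructed sample it prints 222, because that rule is still commented out; once the rule is uncommented it prints nothing.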

Step 5: You are ready to ssh

ssh -p 222 username@servername
