Description
If you need, for whatever reason, to change the port you use to ssh into your Linux system, it’s really easy to do. This small tutorial shows how to do it specifically on Gentoo Linux, but it should be similar on all Linux distributions. Note: You don’t have to use port 222, which is sometimes used for rsh-spx. Feel free to use any port that isn’t being used on your server.
Step 1: Open the ssh configuration file
su
vim /etc/ssh/sshd_config
Step 2: Change the port
Port 22
Port 222
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
I use both port 22 and 222, which tells the ssh daemon to listen for connections on those two ports. Port 222 is just a random unofficial port that can be used. For a complete list of ports, check the ports wiki.
Step 3: Restart ssh daemon
/etc/init.d/sshd restart
Step 4: Make sure port 222 is open
Run an nmap command to discover if the port is open.
nmap -p 222 server_name
My port is blocked by iptables, so I need to edit my firewall rules and reload iptables. I keep a text file of my firewall rules, so I just update that file and load it into iptables, instead of continually editing iptables directly and losing track of what is going on.
vim /system/configuration/firewall.txt
firewall.txt
-A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 139 -j ACCEPT
#-A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 222 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 902 -j ACCEPT
Remove the leading # from the port 222 rule so that it is loaded; iptables-restore treats lines starting with # as comments.
/etc/init.d/fail2ban stop
iptables-restore < /system/configuration/firewall.txt
/etc/init.d/iptables save
/etc/init.d/fail2ban start
Step 5: You are ready to ssh
ssh -p 222 username@servername
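As an added example (not part of the original tutorial), this shell script cross-checks Steps 2 and 4: it reads the Port lines from sshd_config and reports every port that has no uncommented ACCEPT rule in the firewall file. The function names, the sample port 22 rule and the single --dport rule shape are assumptions.

```shell
#!/bin/sh
# Added example (not from the original tutorial): list the ports sshd is
# configured to listen on that the firewall rules file does not accept.

# Active Port values in an sshd_config file ("Port N" form; keyword is
# case-insensitive). sshd falls back to 22 when no Port line is present.
sshd_ports() {
    awk 'tolower($1) == "port" && $2 ~ /^[0-9]+$/ { print $2; n++ }
         END { if (!n) print 22 }' "$1"
}

# Succeed if rules file $1 has an uncommented tcp INPUT ACCEPT rule for port $2.
port_allowed() {
    awk -v port="$2" '
        /^[[:space:]]*#/ { next }    # commented-out rules are never loaded
        /-A INPUT/ && /-p tcp/ && /-j ACCEPT/ {
            for (i = 1; i < NF; i++)
                if ($i == "--dport" && $(i + 1) == port) found = 1
        }
        END { exit !found }' "$1"
}

# Print every sshd port that the rules file would leave blocked.
blocked_ports() {
    for p in $(sshd_ports "$1"); do
        port_allowed "$2" "$p" || echo "$p"
    done
}

# Constructed sample: the tutorial's two Port lines, and its firewall excerpt
# with the 222 rule still commented out (the port 22 rule is an assumption).
demo() {
    d=$(mktemp -d) || return 1
    printf 'Port 22\nPort 222\n#AddressFamily any\n' > "$d/sshd_config"
    cat > "$d/firewall.txt" <<'EOF'
-A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
#-A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 222 -j ACCEPT
EOF
    blocked_ports "$d/sshd_config" "$d/firewall.txt"
    rm -rf "$d"
}

# With two arguments check real files, otherwise run the constructed demo.
if [ "$#" -eq 2 ]; then blocked_ports "$1" "$2"; else demo; fi
```

Running sshd -t before restarting the daemon in Step 3 also catches syntax errors in sshd_config while the current session is still open.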