SSH service runs on 22 port number. You can change this port number for security.
If you use Oracle Linux 7, Centos 7 or Red Hat Linux 7 versions, you can change port number with below operations. If selinux is enabled, you have to add new port number to selinux configuration because of the fact that selinux allows only 22 port number for ssh connections.
Step 1 : Display your IP address
[root #] ip addr
192.168.1.191
Step 2 : Change Port Number
[root #] cp /etc/ssh/sshd_config /etc/ssh/sshd_config.backup
[root #] vi /etc/ssh/sshd_config
Change port 22 with 5191 (191, is the last 3 digit from IP) ** This choice is donw, because in my netwrok i have more than 5 unix servers.
PermitRootLogin Yes
Step 3 : Change Selinux Configuration
[root #] semanage port -a -t ssh_port_t -p tcp 5191
[root #] semanage port -l | grep ssh
Step 4 : Add New Port to Firewall
To Add:
[root #] firewall-cmd –permanent –zone=public –add-port=5191/tcp
To Activate
[root #] firewall-cmd –reload
Step 5 : Restart SSHD Service to Activate New SSH Confiuration
[root #] systemctl restart sshd.service
Or
[root #] service sshd restart
Step 6 : Show Running SSH Port
[root #] ss -tnlp | grep ssh
Step 7 : Test a connectivity
[root #] ssh -p 5191
root@10.0.1.4's password:
Last login: Wed Oct 17 08:01:59 2012 from 192.168.1.155
Source: Fatih Acar
