Verified and Tested 4/21/15
In this how-to we will be showing you how to change your SSH port in CentOS. For the exact operating system, we created a brand new CentOS 6.5 64 bit Cloud server. We will be using the vi editor for our file editing needs. Feel free to download and use any editor that you feel comfortable with.
Believe it or not, one of the simplest things you can do to secure your server is to change the SSH port. Since SSH comes on a default port of 22, you will see a lot of brute force attacks occurring over that port because a lot of users do not change this default SSH port!
A server installed with CentOS 6.5 x86_64. If you currently do not have a server, please consider Cloud Hosting from Atlantic.Net.
Changing your SSH port in CentOS
The first thing we want to do is SSH into our server using your preferred SSH client. Be sure that if you are using a custom user, that you have sudo rights. In this step we will be performing commands as the root user.
Once you have logged into the server, let’s open our SSH configuration.
Now once you are in the configuration you’ll want to look for the section that has “Port” in it. It should be near the top and should be shown as “#Port 22.”
What we will be doing is removing the ‘#’ so that it is a plain line of “Port 22”. Next we will be changing the 22 in the line to be any number you’d like that another program does not run on. For a list of common ports in use, you can check the following MIT page. In our example, we will be changing the SSH port to 922 so your new line should read:
Once you have the change done, simply exit and save the sshd_conf file. Now all you need to run is the below command and it will restart the SSH server. The next time you want to connect via SSH, you will need to do so on your new port, in our case, 922.
service sshd restart
Don’t forget to change the port 22 to your new port in your IPTables when done! You can check out the Locking down your CentOS server with IPTables section (link) for information on how to do that.
Note: *If using Atlantic.net Cloud services, You can always access your server via our VNC viewer in the Cloud Portal if you lock yourself out*