View All Products
Compute
Storage
Databases
Networking
Developer Tools
Delivery
Security
Services
Industries
Pricing
Community
Engage With Us
Community Questions Alternative SSH port
Log in to Ask a Question
✓ Solved

Alternative SSH port

centos ssh firewall ssh-port port iptables selinux port-22 firewalld sshd_config firewall-rules ssh-access centos-stream-9

I configured SSH to use port 47378 (example). I have tried use iptables (iptables -I INPUT -p tcp --dport 47378 -J ACCEPT) to open the port, but it doesn't seem to work. How would I go about using this port for SSH?

OS: CentOS Stream 9

4 Replies

Linode Staff

✓ Best Answer

Some Possible Gotchas

sshd Considerations

  • sshd needs to be restarted after edits are made in order to take effect:
# Restart sshd
systemctl restart sshd.service

# Verify that sshd is listening on the port you want
ss -tulpn | grep sshd
  • The line in /etc/ssh/sshd_config where the port is configured, is commented out by default. There may also be a ListenAddress directive that is conflicting with your Port directive in /etc/ssh/ssd_config.
# Show relevant lines from your /etc/ssh/sshd_config file
cat /etc/ssh/sshd_config | grep -E '^#?(Port|ListenAddress)' /etc/ssh/sshd_config

Firewall Considerations

# Check IP Tables
iptables -L
  • There may be a firewall on your local network or computer that is blocking port 47378.

SELinux Considerations

  • If you are using SELinux (some RedHat Distributions), you will need to add tcp port 47378 to your port contexts[1][2]:
# Install the tools
dnf update
dnf install policycoreutils-python-utils

# Show current port contexts
semanage port -l | grep ssh

# Update port context
semanage port -a -t ssh_port_t -p tcp 47378

# Verify Changes
semanage port -l | grep ssh

# Open Port on Firewall
firewall-cmd --add-port=47378/tcp --permanent
firewall-cmd --reload

# Restart sshd
systemctl restart sshd

See also

References:
[1] https://www.cyberciti.biz/faq/howto-change-ssh-port-on-linux-or-unix-server/
[2] https://www.techrepublic.com/article/how-to-configure-ssh-to-use-a-non-standard-port-with-selinux-set-to-enforcing/

I configured SSH to use port 47378 (example).

Did you restart sshd:

sudo systemctl restart sshd

— sw

@stevewi

Yes, I did restart sshd

Thank you for the reply! I'll post an update here after I try everything you mentioned.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct