How to Change the SSH Port on CentOS 7 Print

  • 4

 

How to Change the SSH Port on CentOS 7

One of the most common tasks during the initial configuration of a Linux server is changing the default SSH port (which is 22 by default). This action is often used as a basic security measure to reduce the visibility of the SSH service to automated attacks.

Although it doesn't protect against targeted attacks, changing the port can help prevent basic bot scans and brute-force attempts, lowering server load and reducing exposure.

 

1. Edit the SSH configuration file

Open the sshd_config file using a text editor:

nano /etc/ssh/sshd_config

Locate the following line:

#Port 22

Uncomment it and replace it with a custom port of your choice, for example:

Port 7333

Note: Use a non-standard, unused port (preferably above 1023).

 

2. Open the new port in the firewall (CSF)

If you're using CSF (ConfigServer Security & Firewall), follow these steps:

  1. Edit the CSF configuration file:
    nano /etc/csf/csf.conf
  2. Find the TCP_IN directive and add your custom port (e.g., 7333) to the list.
  3. Save and restart CSF to apply the changes:
    csf -r

 

3. Restart the SSH service

To apply the changes, restart the SSH service:

systemctl restart sshd

or:

service sshd restart

 

📌 Warning

Before closing your current SSH session, start a new session using the new port to confirm everything works. If something goes wrong, you can still fix it via the active session.

 


Was this answer helpful?

« Back