I have a small question regarding SSH
How do I change the port for ssh and allow the new port in firewalld. How do I then close the old port 22 in firewalld?
Kind regards
- The sshd’s config obviously is the place where you set the port that the sshd process does listen
- It might be necessary to tell the SELinux to allow the sshd process to listen that port
- The FirewallD’s default config has set the zone ‘public’ to have service ‘ssh’, and the config of that service is set to allow port 22. It should be possible to modify the service, or replicate with different port. Either by
firewall-cmdor with files in/etc/firewalld/*. See Configuring firewalls and packet filters Red Hat Enterprise Linux 9 | Red Hat Customer Portal
How to configure SSH to use a non-standard port with SELinux set to enforcing | TechRepublic is another one that gives instructions for the ssh port and firewall.
1 Like
That says sudo nano /etc/ssh/sshd_config
Fine for el8, but el9 has a new shiny:
sudo nano /etc/ssh/sshd_config.d/00-myport.conf
The statements in /etc/ssh/sshd_config.d/00-myport.conf do override statements
in /etc/ssh/sshd_config and you can later easily see what customizations you
have done, rather than asking “What did I edit in /etc/ssh/sshd_config?”
1 Like
Ah, thanks for that. As the one Alma I’m using regularly is on an older machine that won’t take Alma9, I wasn’t aware of that. (My other installs are on laptops or vms, where I haven’t tried to change the default port). So, I learned something this morning, thanks to you. 