Changing Your SSH Port For Extra Security on CentOS 6 or 7

Updated on June 26, 2015
Changing Your SSH Port For Extra Security on CentOS 6 or 7 header image

Right now, everyone seems to use the infamous port 22 to connect to their server with SSH. In my opinion, it is just another way to make it easier for an attacker to target your server. Changing the SSH port on your server may seem difficult, but it is actually quite simple to do.

First, we must edit the SSHD (SSH server daemon) configuration file. Use your favorite text editor.

vi /etc/ssh/sshd_config

Add the following code to either the top or the bottom of the configuration file.

# SSH Port
Port 2124  # the port you want to change it to

Next, we'll update the firewall. If you have disabled the firewall, skip this step. My example uses port 2124. For CentOS 6 users, run these commands:

iptables -I INPUT -p tcp --dport 2124 --syn -j ACCEPT
service iptables save
semanage port -a -t ssh_port_t -p tcp 2124

CentOS 7 users, run these commands instead:

firewall-cmd --add-port 2124/tcp --permanent
firewall-cmd --add-port 2124/tcp

The configuration changes are now finished. Restart the SSH server (SSHD)...

service sshd restart

... and voila! You just took the first step in securing your Vultr server. I also recommend taking other security measures too, such as Fail2ban.