How to secure shell Linux in a dedicated server by Change the Default SSH ports.

To secure Linux shell in the dedicated server, we need to change our default SSH port. We get port 22 as default port during installation. This fact is not hidden from hackers. These hackers are always in try to execute their attacks and login attempt with this default port. You can prevent such attempts by simply changing encrypted, remote connections.

How to change default SSH port?

Let’s See how we can change the default SSH port to secure Linux shell in Dedicated Server. Follow these steps correctly.

  • Open the main SSH daemon configuration file. You can open it by any text editor. To open this file, you have to issue the following command.

#vi /etc/ssh/sshd_config

  • After opening the file, you have to make the following changes. 
  • As you are in sshd_config file, please find the line starting with Port 22, Don’t forget to add a hashtag (#) in front of the line. 

#Port 22

Port 15500

  • Now you have to, add a new port line and specify a new port to attach SSH. Make sure you add the new port line below the #port 22 lines.
  • Make sure while choosing a new port that it must be higher than 1024. As per the standards you can choose port up to 65535/TCP.  

Example

For example, here we are changing port 22 to the new port 15500.After making above changes restart the SSH daemon to reflect changes.

How to secure shell Linux in a dedicated server by Change the Default SSH ports. 1

Now run the SS command. This action will confirm that SSH port is changed successfully.

# systemctl restart ssh
# netstat -tlpn| grep ssh
# ss -tlpn| grep ssh

Relaxing SE Linux Policy

install policycoreutils package In CentOS or RHEL Linux based distributions. To relax SELinux policy add the below rules for the SSH daemon to bind on the new port.

# yum install policycoreutils
# semanage port -a -t ssh_port_t -p tcp 15500
# semanage port -m -t ssh_port_t -p tcp 15500
# systemctl restart sshd
# netstat -tlpn| grep ssh
# ss -tlpn| grep ssh
Facebook Comments

Leave a Reply

Your email address will not be published. Required fields are marked *