Changing SSH port on Red Hat based servers

If you're running a Linux web server, one advisable security step is changing the SSH port on your server from the default of port 22.

This is to help prevent the many script kiddies out there from gaining root on your server.

This guide will work for Red Hat based distros, CentOS and Fedora for example, but not on Debian based ones, i.e. Ubuntu, although it should all work there bar the firewall config.

1. Modify the SSH daemon configuration

nano -w /etc/ssh/sshd_config

Now modify the Port (use one that’s available obviously)

Look for #Port

Remove the # and change the port number, in this example to 1023.

Tip

If you don’t use that service yourself, using a port that is used by a known service can fool some crackers about what is actually running on your server.

Press ctrl+x to exit the nano text editor; you will be prompted to save.

2. Now open port 1023 in your server's firewall

nano -w /etc/sysconfig/iptables

And include the following

-A INPUT -m state --state NEW -m tcp -p tcp --dport 1023 -j ACCEPT

This needs to be added before any protocol rules or more secure lockdowns in your firewall, since the rules are matched in order.

If your firewall is pre-configured or you are unsure, add the entry to the beginning of the file.

Save the file.

3. Now restart the services

iptables

service iptables restart

SSHD

service sshd restart

Now connect to SSH via the new port

ssh root@ipaddress -p 1023
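
Steps 1 and 2 as a script, added here as an example and not part of the original post: it makes the same two edits with a backup of each file, and places the firewall rule ahead of the first REJECT/DROP rule instead of at the top of the file. The function names set_ssh_port and open_port_rule are made up for this example, and it assumes an sshd_config without Match blocks.

```bash
#!/bin/bash
# Added example: steps 1 and 2 as functions. File paths are arguments, so the
# edits can be tried on copies first. Function names are made up for this example.

# set_ssh_port FILE PORT: turn the first "Port"/"#Port" line into "Port PORT"
# and drop any other active Port line so sshd stops listening on the old port.
set_ssh_port() {
    local file=$1 port=$2 tmp rc
    tmp=$(mktemp) || return 1
    awk -v port="$port" '
        /^[ \t]*#?[ \t]*Port[ \t]+[0-9]+/ {
            if (!done) { print "Port " port; done = 1; next }
            if ($0 !~ /^[ \t]*#/) next
        }
        { print }
        END { if (!done) print "Port " port }   # assumes no Match blocks
    ' "$file" > "$tmp" && cp -p "$file" "$file.bak" && cat "$tmp" > "$file"
    rc=$?
    rm -f "$tmp"
    return $rc
}

# open_port_rule FILE PORT: insert the ACCEPT rule into the *filter table ahead
# of the first INPUT REJECT/DROP rule (or before COMMIT if there is none).
open_port_rule() {
    local file=$1 port=$2 tmp rc rule
    rule="-A INPUT -m state --state NEW -m tcp -p tcp --dport $port -j ACCEPT"
    grep -qxF -- "$rule" "$file" && return 0    # already present, nothing to do
    tmp=$(mktemp) || return 1
    awk -v rule="$rule" '
        /^\*/ { in_filter = ($0 == "*filter") }
        in_filter && !done && (/^-A INPUT .*-j (REJECT|DROP)/ || /^COMMIT/) {
            print rule; done = 1
        }
        { print }
        END { exit !done }                      # fail if no *filter table found
    ' "$file" > "$tmp" && cp -p "$file" "$file.bak" && cat "$tmp" > "$file"
    rc=$?
    rm -f "$tmp"
    return $rc
}

# On the server, as root, with the paths and port from this guide:
#   set_ssh_port /etc/ssh/sshd_config 1023 && sshd -t   # -t only checks the config
#   open_port_rule /etc/sysconfig/iptables 1023
#   service iptables restart && service sshd restart
# Keep the current SSH session open until a login on the new port works.
```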

And remember to use secure passwords: mixed case, including numbers and special chars, and at least 8 characters long. Although, with the speed increases in CPUs nowadays, I would advise 12.

I will also advise in a future post on disabling root login for SSH, but until then cya later.

Update: the post has now been added: https://box-admin.com/2012/01/disabling-root-login-for-ssh/
